SELinux is one of the key security features within Linux. It is a foundational part of many modern technologies like containers. With a history of more than 15 years, SELinux is well known among system administrators—yet too often not activated on outside facing, production systems. In this session, you'll learn how to use SELinux—from implementation through ongoing management—particularly understanding what SELinux is trying to tell you and what actions you should take based on the information. Dan Walsh, Red Hat principal security engineer (a.k.a. "Mr. SELinux"), will walk you through best practices and actual implementations, including set up and configuration, labeling, patching and maintenance, protection from hackers, and more. To bring it to life, you'll hear the implementation challenges and successes from IT.NRW, a German government IT service provider, which used SELinux to secure a 3rd party app integrated into their web environment. Today they use SELinux on over 100 servers—and you'll learn why it's worth it to deploy SELinux in your production environment, too.
- 2016年 10月 23日