Information Security News mailing list archives
Updated release of Security-enhanced Linux
From: InfoSec News <isn () C4I ORG>
Date: Sun, 18 Mar 2001 01:32:06 -0600
---------- Forwarded message ---------- Date: Fri, 16 Mar 2001 11:07:56 -0500 (EST) From: Howard Holm <hdholm () epoch ncsc mil> To: selinux () tycho nsa gov Subject: Updated release An updated release of Security-enhanced Linux has been posted on the NSA web site (www.nsa.gov/selinux). Changes include: - Updated information on the developers' mailing list and archives was made available. - Answers to Frequently Asked Questions were added to the site. - Kernel patches are now provided for 2.4.2 and 2.2.18. - The 2.4.2 patch includes changes to virtualize the persistent SID mapping interfaces and the file mandatory access controls. - The 2.2.18 patch includes several bug fixes to the old 2.2-based patch. It also includes a new implementation of System V IPC mandatory access controls. These controls have not yet been ported to the 2.4 kernel. - Both the 2.2.18 and 2.4.2 patches incorporate a change in the implementation of the new system calls that is not backward compatible with the old implementation. Hence, the updated libsecure must be compiled and all modified utilities must be relinked against it. - The util-linux patch is now provided for the util-linux-2.10s sources from kernel.org. - The procps patch is now provided for the procps-010114 sources from http://www.cs.uml.edu/~acahalan/procps. - The vixie-cron patch is now provided for the vixie-cron-3.0.1-61 sources from RedHat. - A small fix was made to the spasswd wrapper program to ensure that it is not mistakenly used by an administrator to try to change another user's password. A README was added to explain the purpose of this program. - The shadow password file is no longer moved by the installation scripts, and the modified versions of libpwdb, sulogin, and the shadow utilities are no longer provided. The relocation of the shadow password file was creating compatibility problems with a number of applications despite the updatedlibpwdb. A different approach for maintaining a separate security context on the shadow password file will be implemented in the future. - The modified versions of rshd and wu-ftpd were removed from the distribution and each of these daemons were limited to their initial domain in the example policy configuration. -- Howard Holm <hdholm () epoch ncsc mil> Information Assurance Research Office National Security Agency ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Updated release of Security-enhanced Linux InfoSec News (Mar 18)