Containers and SELinux

Secure your Containers with SELinux

Introduction Linux containers provide a lightweight and efficient way to run multiple isolated environments on a single host. While containers offer many benefits, such as improved resource utilization and faster application deployment, there are also security concerns that must be considered. One security implementation that can be used with containers is SELinux. In this article, we will explore some of the security features of SELinux and how they can be used to secure Linux containers. [Read More]

Labeled IPsec with LibreSwan

Enhance the security with labeled IPsec

Introduction Libreswan is an open-source implementation of the Internet Protocol Security (IPsec) protocol. IPsec is a widely used technology for securing communication over the internet. Labeled IPsec is an extension of IPsec that provides mandatory access control (MAC) to IPsec packets based on the security labels. In this article, we will discuss how labeled IPsec can be implemented with Libreswan. Implement labeled IPsec To implement labeled IPsec with Libreswan, we need to use the Security Enhanced Linux (SELinux) policy. [Read More]

SELinux

Security Enhanced Linux

SELinux: Enhancing System Security SELinux stands for Security-Enhanced Linux, which is a security module implemented in the Linux kernel. It provides an additional layer of security by enforcing mandatory access control policies on top of the traditional discretionary access control mechanisms provided by the Linux kernel. SELinux was developed by the National Security Agency (NSA) and external contributors in collaboration with Red Hat and has been integrated into various Linux distributions, including Red Hat Enterprise Linux, Rocky Linux, AlmaLinux, and Fedora. [Read More]