Linux Foundation - English  Linux Foundation - Japanese  LINUXFOUNDATION.ORG | LINUX.COM | TRAINING | more Login LOGIN  Sign Up SIGN UP
Events Home

Platinum Sponsors
HP LogoIBM LogoIntel LogoNovell LogoQualcomm Logo

Gold Sponsors
Dell Logo

Silver Sponsors
Black Duck LogoCanonical LogoLinbit LogoSoftlayer LogoWind River Logo

For information on sponsorship or exhibition opportunities at LinuxCon, please contact Angela Brown at angela (at) linuxfoundation dot org.

 

Register for LinuxCon

NetLabel: The How

Paul Moore, Hewlett-Packard

NetLabel was developed to provide a mechanism for interoperable labeled networking for the Linux Kernel using explicit labeling protocols such as CIPSO. This new approach to interoperability enabled Linux to participate in trusted, labeled networks that had previously been limited to OSs such as Trusted Solaris and HP-UX CMW. NetLabel was first included in Linux 2.6.19 and has seen a steady stream of improvements since its initial release. NetLabel development has also helped foster a number of improvements to both the SELinux and Smack network access controls along the way. This tutorial will discuss the different NetLabel configuration options for both SELinux and Smack as well as security policy considerations for both LSMs when NetLabel is enabled. Time will also be spent demonstrating how to make applications "label aware" using both SELinux and Smack APIs. Participants should be familiar with NetLabel and either SELinux or Smack.