The U.S. National Security Agency has released its own version of the
open-source computer operating system Linux, which offers enhanced
security for users.
The new software was rolled out earlier this month to an e-mail list for users of Linux
-- an operating system that many experts believe provides a more secure
alternative to the ubiquitous Microsoft Windows. Linux is open-source,
which means the core code is available to programmers to improve, as
the NSA has done with its latest version of the so-called
Security-Enhanced Linux, or SELinux.
The version provides what
experts call Mandatory Access Control, which essentially limits the
kind of instructions that software packages and users can issue to the
computer, helping guard against hackers compromising it. MAC
"confine(s) user programs and system servers to the minimum amount of
privilege they require to do their jobs," says the agency on its Web
site.
"This work is not intended as a complete security
solution," said the agency in a March 5 statement about the latest
update. "It is simply an example of how mandatory access controls that
can confine the actions of any process, including an administrator
process, can be added into a system."
The agency added the
security features of the system were limited. "The focus of this work
has not been on system assurance or other security features such as
security auditing, although these elements are also important for a
secure system."
The release was first reported by Government
Computer News. The NSA has been working on SELinux since 2000, and it
has been available to Linux users since 2003.
The NSA is also
pushing for MAC to be made an option for Internet servers using the
Network File System protocol, according to the Dark Reading IT security
Web site.
The site said the proposal was discussed at a meeting of the Internet Engineering Task Force in Philadelphia earlier this month.
|
