From Fedora Project Wiki

m (Security Audit Package)
 
(114 intermediate revisions by 20 users not shown)
Line 1: Line 1:
== Security ==
+
{{header|docs}}
  
This section highlights various security items from Fedora.
+
{{Docs_beat_closed}}
  
=== Security Enhancements ===
+
[[Category:Docs Project]]
 
+
[[Category:Draft documentation]]
Fedora continues to improve its many proactive [http://fedoraproject.org/wiki/Security/Features security features] .
+
[[Category:Documentation beats]]
 
 
=== SELinux Enhancements ===
 
Different roles are now available, to allow finer-grained access control:
 
* <code>guest_t</code> does not allow running setuid binaries, making network connections, or using a GUI.
 
* <code>xguest_t</code> disallows network access except for HTTP via a Web browser, and no setuid binaries.
 
* <code>user_t</code> is ideal for office users: prevents becoming root via setuid applications.
 
* <code>staff_t</code> is same as <code>user_t</code>, except that root access via <code>sudo</code> is allowed.
 
* <code>unconfined_t</code> provides full access, the same as when not using SELinux.
 
 
 
As well, browser plug-ins wrapped with <code>nspluginwrapper</code>, which is the default, now run confined.
 
 
 
=== Security Audit Package ===
 
Sectool provides users with a tool that can check their systems for security issues. There are libraries included that allow for the customization of system tests. More information can be found at the [https://fedorahosted.org/sectool project home].
 
 
 
=== General Information ===
 
 
 
A general introduction to the many proactive security features in Fedora, current status, and policies is available at http://fedoraproject.org/wiki/Security.
 
 
 
{{/SELinux}}
 
{{/FreeIPA}}
 

Latest revision as of 01:33, 20 September 2016

DocsProject Header docTeam1.png


Warning.png
Beat Closed on Wiki
Work on beats has now moved to git at https://pagure.io/fedora-docs/release-notes. If you have changes or additions, please contact the docs team via #fedora-docs, docs@lists.fedoraproject.org, or with the release-notes BZ component.