Open source software contributor Russell Coker has been hired by Red Hat Australia’s development team to amalgamate the Security Enhanced Linux (SELinux) architecture into the vendor’s forthcoming Fedora and Enterprise Linux distributions.
SELinux was initially designed by the US National Security Agency (NSA) as an access control technology architecture which could strengthen security levels within an operating system.
According to the NSA Web site, SELinux is “an example of how mandatory access controls that can confine the actions of any process, including a superuser process, can be added into Linux”.
The government agency released SELinux into the open source community in 2000. The architecture has since been further developed by individual developers, as well as under the SELinux for Distributions project.
Melbourne-based Coker has already made a name for himself as one of the key contributors to the SELinux project.
As well as being an ongoing contributor to the Debian project, Coker is the first person to release code for an iPAQ PDA running SELinux (including kernel patches and policy).
Specifically, NSA states Coker has “significantly expanded and improved the SELinux example policy configuration, enhanced the run_init and spasswd utilities, developed a devfsd module for managing devfs file contexts, implemented improvements to the setfiles program and extended strace to trace SELinux system calls”.
Coker has also given several presentations and tutorials both internationally and in Australia on the SELinux project and was awarded a $US1000 grant by the James and Charlotte Griffin Foundation charity last year for his technical contribution to SELinux.
Coker will be based at Red Hat Australia’s Melbourne office.
Red Hat Australia chief technology architect Richard Keech said the vendor’s plan is to incorporate SELinux functionality into the core 2 release of Fedora Linux, due out on 19 April.
“Red Hat will be the first to have a security enhanced version of Linux,” he said.
Fedora’s core 2 release will also be one of the first distributions based on the recently released 2.6 Linux kernel, Keech said.
As the Fedora project is a test-bed for future releases of Red Hat’s Enterprise Linux operating system, the SELinux architecture should also make its way into the next Red Hat Enterprise Linux version 4 product, currently slated for release in May 2005.