875f635ab4
This patch gets rid of the old "special notes" section that was a dead-end in the documentation and replaces it with a brief header followed by a dynamically-generated list of tag-specific documentation. All of this sits underneath the "Hardening Domains" section. It also splits the "Deviations" documentation into its own section because it's quite important for a deployer to review. The patch also includes a link to video/slides from the Boston Summit, which provided the latest updates for the project and some background on how everything fits together. Change-Id: I1a5e78733c301335fe1bcfcee36cc146d690b841
17 lines
579 B
ReStructuredText
17 lines
579 B
ReStructuredText
lsm - Linux Security Modules
|
|
============================
|
|
|
|
Linux Security Modules, such as AppArmor and SELinux, provide an extra level of
|
|
security controls on a Linux system. They provide Mandatory Access Control
|
|
(MAC) that checks system activities against security policy. These policies
|
|
apply to all users, including root.
|
|
|
|
Overview
|
|
--------
|
|
|
|
The STIG requires that SELinux is in enforcing mode to provide additional
|
|
security against attacks. The security role will enable SELinux on CentOS
|
|
systems and enable AppArmor on Ubuntu and Debian systems.
|
|
|
|
.. include:: auto_lsm.rst
|