12 - Restrict BIND Access with SELinux - SELINUX

Information

The Security Enhanced Linux (SELinux) project started by the NSA provides targeted mandatory access controls, which may be used to restrict BIND to minimal access. SELinux is included in the RedHat Enterprise and Fedora Core installation options. Make sure you have the latest versions of following RPM's, or install them if needed.

Rationale:

Latest version of RPM's ensure bugs and securty vulnerability are patched enhancing the performance of the system.

Solution

Make sure you have the latest versions of following RPM's, or install them as needed.
- libselinux-devel
- libselinux
- selinux-policy-targeted
- selinux-policy-targeted-sources
- selinux-doc
- checkpolicy

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3(3)

Plugin: Unix

Control ID: 0aaf27d2465fd2874b362b2468903a1bfdabcd8945409ebe4431795509b793c6