ProHoster > Ibhulogi > Ulawulo > SELinux Imibuzo Ebuzwa Rhoqo (FAQ)

SELinux Imibuzo Ebuzwa Rhoqo (FAQ)

Molweni nonke! Ingakumbi kubafundi bekhosi "Ukhuseleko lweLinux" silungiselele ukuguqulelwa kwe-FAQ esemthethweni yeprojekthi ye-SELinux. Kuthi kubonakala ngathi oluguqulelo lungaluncedo hayi kubafundi kuphela, ngoko ke siyabelana nawe ngalo.

SELinux Imibuzo Ebuzwa Rhoqo (FAQ)

Sizamile ukuphendula eminye yemibuzo edla ngokubuzwa malunga neprojekthi ye-SELinux. Imibuzo ngoku yahlulwe yangamacandelo amabini aphambili. Yonke imibuzo kunye neempendulo zinikiwe kwiphepha le-FAQ.

isishwankathelo

isishwankathelo

  1. Yintoni iLinux eyomelezwe ngoKhuseleko?
    I-Linux ephuculweyo yokhuseleko (SELinux) kukuphunyezwa kwereferensi yoyilo lokhuseleko lweFlask ukwenzela ukuguquguquka, ulawulo lokufikelela olunyanzelweyo. Yenzelwe ukubonisa ukuba luncedo kweendlela zokunyanzeliswa okuguquguqukayo kunye nokuba ezo ndlela zinokongezwa njani kwinkqubo yokusebenza. Uyilo lweFlask lwaye lwadityaniswa kwiLinux kwaye lwathunyelwa kwezinye iinkqubo ezininzi, kubandakanya inkqubo yokusebenza yeSolaris, inkqubo yokusebenza yeFreeBSD, kunye neDarwin kernel, enika uluhlu olubanzi lomsebenzi onxulumeneyo. I-architecture ye-Flask inikezela ngenkxaso jikelele yokunyanzeliswa kweentlobo ezininzi zemigaqo-nkqubo yokunyanzeliswa kolawulo lokufikelela, kubandakanywa nezo zisekelwe kwiingcamango zokunyanzeliswa koHlobo, uLawulo lokuFikelela oluSekwe kwiNgxelo, kunye noKhuseleko lweNqanaba leMininzi.
  2. Ingaba iLinux eyomeleziweyo yokhuseleko yenza ntoni ukuba iLinux eqhelekileyo ayinako?
    I-Linux kernel eyomelezwe ngokhuseleko inyanzelisa imigaqo-nkqubo yofikelelo olunyanzelweyo olunqanda iinkqubo zabasebenzisi kunye neeseva zenkqubo kubuncinane bamalungelo akhethekileyo abawadingayo ukwenza umsebenzi wabo. Ngalo thintelo, ukukwazi kwezi nkqubo zabasebenzisi kunye needaemon zenkqubo ukwenza ingozi kwimeko yokulalanisa (umzekelo, ngenxa yokuphuphuma kwebuffer okanye ukungacwangciswa kakuhle) kuyancitshiswa okanye kupheliswe. Le ndlela yothintelo isebenza ngokuzimeleyo kwiindlela zolawulo lofikelelo lweLinux. Ayinayo ingqikelelo ye-"root" yomsebenzisi omkhulu, kwaye ayabelani ngeentsilelo ezaziwayo-kakuhle zeendlela zokhuseleko ze Linux (umzekelo, ukuxhomekeka kwi-setuid/setgid binaries).
    Ukhuseleko lwenkqubo yeLinux engalungiswanga ixhomekeke ekuchanekeni kwekernel, zonke izicelo ezinelungelo, kunye noqwalaselo ngalunye lwazo. Ingxaki kuyo nayiphi na kwezi ndawo inokuthi ibeke esichengeni inkqubo yonke. Ngokwahlukileyo, ukhuseleko lwenkqubo elungisiweyo esekwe kwi-Linux kernel eyomeleziweyo ixhomekeke ikakhulu ekuchanekeni kwekernel kunye noqwalaselo lomgaqo-nkqubo wokhuseleko wayo. Ngelixa iingxaki zokuchaneka kwesicelo okanye uqwalaselo zinokuvumela uthomalaliso olulinganiselweyo lweenkqubo zomsebenzisi ngamnye kunye nedaemon zenkqubo, azibeki mngcipheko wokhuseleko kwezinye iinkqubo zabasebenzisi kunye needaemon zenkqubo okanye kukhuseleko lwenkqubo iyonke.
  3. Ulungele ntoni?
    Iimpawu ezintsha eziphuculweyo zokhuseleko zeLinux ziyilelwe ukunika ukwahlulwa kolwazi olusekwe kubumfihlo kunye neemfuno zemfezeko. Zenzelwe ukuthintela iinkqubo zokufunda idatha kunye neenkqubo, ukuphazamisa idatha kunye neenkqubo, ukudlula iindlela zokukhusela izicelo, ukwenza iinkqubo ezingathembekiyo, okanye ukuphazamisa ezinye iinkqubo ezichasene nomgaqo-nkqubo wokhuseleko lwenkqubo. Bakwanceda ukunciphisa umonakalo onokuthi ubangelwe yi-malware okanye iinkqubo ezingalunganga. Kufuneka kwakhona zibe luncedo ekuqinisekiseni ukuba abasebenzisi abaneemvume ezahlukeneyo zokhuseleko banokusebenzisa inkqubo efanayo ukufikelela kwiintlobo ezahlukeneyo zolwazi ngeemfuno ezahlukeneyo zokhuseleko ngaphandle kokubeka esichengeni ezo mfuno.
  4. Ndingayifumana njani ikopi?
    Unikezelo oluninzi lwe-Linux lubandakanya inkxaso ye-SELinux esele yakhelwe kuyo njengento engagqibekanga okanye njengepakethe ekhethwayo. Ikhowudi ye-SELinux yomsebenzisi engundoqo iyafumaneka GitHub. Abasebenzisi bokugqibela kufuneka basebenzise iipakethe ezinikezelwe ngokusasazwa kwazo.
  5. Yintoni ebandakanyiweyo ekukhululweni kwakho?
    Ukukhutshwa kwe-NSA kwe-SELinux kubandakanya ikhowudi ye-SELinux yomsebenzisi engundoqo. Inkxaso ye-SELinux sele ibandakanyiwe kwi-Linux 2.6 kernel eqhelekileyo, efumaneka kwi-kernel.org. Ikhowudi ye-SELinux yomsebenzisi engundoqo iqulathe ithala leencwadi lokuguqulwa komgaqo-nkqubo wokubini (libsepol), umqokeleli wemigaqo-nkqubo (umgaqo-nkqubo wokukhangela), ithala leencwadi lezicelo zokhuseleko (libselinux), ithala leencwadi lezixhobo zolawulo lomgaqo-nkqubo (libsemanage), kunye nezinto ezininzi ezinxulumene nomgaqo-nkqubo ( imigaqo-nkqubo).
    Ukongeza kwi-SELinux-enabled kernel kunye nesiseko sekhowudi yomsebenzisi, uya kufuna umgaqo-nkqubo kunye neepakethe ze-SELinux ezifakwe kwi-userspace ukuze usebenzise i-SELinux. Ipolisi inokufunyanwa SELinux iprojekthi yomgaqo-nkqubo wesalathiso.
  6. Ndingayifaka i-Linux eqinile kwinkqubo ekhoyo yeLinux?
    Ewe, ungafaka kuphela uhlengahlengiso lwe-SELinux kwinkqubo ekhoyo yeLinux, okanye ungafaka ukuhanjiswa kweLinux esele ibandakanya inkxaso yeSELinux. I-SELinux iqulethe i-Linux kernel enenkxaso ye-SELinux, iseti engundoqo yamathala eencwadi kunye nezinto eziluncedo, ezinye iipakethe zabasebenzisi ezilungisiweyo, kunye noqwalaselo lomgaqo-nkqubo. Ukuyifakela kwinkqubo ekhoyo yeLinux engenankxaso ye-SELinux, kufuneka ukwazi ukuqulunqa isoftware kwaye ube nezinye iipakethe zenkqubo efunekayo. Ukuba unikezelo lwakho lweLinux sele lubandakanya inkxaso ye-SELinux, awudingi ukwakha okanye ukufaka ukukhutshwa kwe-NSA kwe-SELinux.
  7. Ihambelana njani iLinux eyomelezwa ngokhuseleko kunye neLinux engalungiswanga?
    Ukhuseleko-i-Linux eyomeleziweyo ibonelela ngokuhambelana kokubini kunye nezicelo zeLinux ezikhoyo kunye neemodyuli ezikhoyo ze-Linux kernel, kodwa ezinye iimodyuli zekernel zinokufuna uhlengahlengiso ukuze zisebenze ngokufanelekileyo ngeSELinux. Ezi ndidi zimbini zokuhambelana zixoxwa ngokweenkcukacha ngezantsi:

    • Ukuhambelana kwesicelo
      I-SELinux ibonelela ngokuhambelana kokubini kunye nezicelo ezikhoyo. Sandise ulwakhiwo lwedatha ye-kernel ukubandakanya iimpawu ezintsha zokhuseleko kwaye songeze iifowuni ezintsha ze-API zosetyenziso lokhuseleko. Nangona kunjalo, asitshintshanga naluphi na usetyenziso olubonakalayo lwedatha, kwaye asitshintshanga ujongano lwazo naziphi na iifowuni zesixokelelwano esele sikhona, ngoko ke usetyenziso olukhoyo lusenokwenza ukuba umgaqo-nkqubo wokhuseleko ubavumele.
    • Ukuhambelana kwemodyuli yeKernel
      Ekuqaleni, i-SELinux ibonelele kuphela ukuhambelana kokuqala kwiimodyuli ezikhoyo zekernel; Bekuyimfuneko ukuphinda kuqokelelwe iimodyuli ezinjalo ezineentloko zekernel ezilungisiweyo ukuze kuchongwe imihlaba emitsha yokhuseleko eyongezwe kulwakhiwo lwedatha yekernel. Ngenxa yokuba i-LSM kunye ne-SELinux ngoku zidityanisiwe kwi-Linux 2.6 kernel engundoqo, i-SELinux ngoku ibonelela ngokuhambelana nokubini kunye neemodyuli zekernel ezikhoyo. Nangona kunjalo, ezinye iimodyuli ze-kernel zinokunganxibelelani kakuhle ne-SELinux ngaphandle kokuguqulwa. Umzekelo, ukuba imodyuli ye-kernel yabela ngokuthe ngqo kwaye icwangcisa into yekernel ngaphandle kokusebenzisa imisebenzi yokuqalisa yesiqhelo, into ke leyo yekernel ayinakuba nolwazi olufanelekileyo lokhuseleko. Ezinye iimodyuli zekernel zisenokungabi nalawulo olufanelekileyo lokhuseleko kwimisebenzi yazo; Naziphi na iifowuni ezikhoyo kwimisebenzi ye-kernel okanye imisebenzi yemvume iyakubangela uqwalaselo lwemvume ye-SELinux, kodwa ulawulo olucokisekileyo okanye olongezelelweyo lunokufuneka ukunyanzelisa imigaqo-nkqubo ye-MAC.
      I-Linux eyomeleziweyo yokhuseleko akufunekanga idale iingxaki zentsebenziswano kunye neenkqubo zeLinux eziqhelekileyo ukuba yonke imisebenzi eyimfuneko ivunyelwe luqwalaselo lomgaqo-nkqubo wokhuseleko.
  8. Yintoni injongo yomzekelo wolungiselelo lomgaqo-nkqubo wokhuseleko?
    Kwinqanaba eliphezulu, injongo kukubonisa ukuguquguquka kunye nokukhuseleka kokulawulwa kokufikelela okunyanzeliswayo kunye nokubonelela ngenkqubo yokusebenza elula kunye notshintsho oluncinci lwesicelo. Kwinqanaba eliphantsi, umgaqo-nkqubo unesethi yeenjongo, ezichazwe kumaxwebhu omgaqo-nkqubo. Ezi njongo ziquka ukulawula ukufikelela kwedatha ekrwada, ukukhusela ingqibelelo ye-kernel, isoftware yenkqubo, ulwazi lokucwangciswa kwenkqubo kunye neenkqubo zokungena kwenkqubo, ukunciphisa umonakalo onokuthi ubangelwe kukuxhaphaza ubuthathaka kwinkqubo efuna amalungelo, ukukhusela iinkqubo ezikhethekileyo ekuphumezeni okungalunganga. ikhowudi, khusela indima yolawulo kunye ne-domain ekungeneni ngaphandle kokuqinisekiswa komsebenzisi, ukukhusela iinkqubo eziqhelekileyo zabasebenzisi ekuphazamiseni inkqubo okanye iinkqubo zolawulo, kunye nokukhusela abasebenzisi kunye nabalawuli ekusebenziseni ubuthathaka kwisikhangeli sabo ngekhowudi yeselula enobungozi.
  9. Kwakutheni ukuze iLinux ikhethwe njengeqonga elisisiseko?
    I-Linux yakhethwa njengeqonga lokuphunyezwa kwereferensi yokuqala yalo msebenzi ngenxa yempumelelo yayo ekhulayo kunye nemekobume yophuhliso evulekileyo. I-Linux inika ithuba elihle lokubonisa ukuba lo msebenzi unokuphumelela kwi-host operating system kwaye, kwangaxeshanye, ube negalelo kukhuseleko lwenkqubo esetyenziswa ngokubanzi. Iqonga leLinux likwabonelela ngethuba elibalaseleyo kulo msebenzi wokufumana owona mbono ubanzi kakhulu kwaye mhlawumbi usebenze njengesiseko sophando olongezelelweyo lokhuseleko ngabanye abanomdla.
  10. Kwakutheni ukuze wenze lo msebenzi?
    ILebhu yoPhando ngoKhuseleko lweSizwe I-Arhente yoKhuseleko yeSizwe inoxanduva lophando kunye nophuhliso lobuchwephesha obuphambili ukwenza ukuba i-NSA ibonelele ngezisombululo zokhuseleko lolwazi, iimveliso, kunye neenkonzo kwiziseko zolwazi ezibaluleke kakhulu kukhuseleko lwelizwe lase-U.S.
    Ukudala inkqubo esebenzayo ekhuselekileyo kuhlala kungumngeni omkhulu wophando. Injongo yethu kukudala uyilo olusebenzayo olubonelela ngenkxaso eyimfuneko yokhuseleko, iqhuba iinkqubo ngendlela ecacileyo kumsebenzisi, kwaye inomtsalane kubathengisi. Sikholelwa ukuba inyathelo elibalulekileyo ekufezekiseni le njongo kukubonisa indlela iindlela zokulawula ukufikelela ngokunyanzeliswa zinokuthi zihlanganiswe ngempumelelo kwinkqubo eyintloko yokusebenza.
  11. Oku kunxulumana njani nophando lwangaphambili lwe-OS NSA?
    Abaphandi kwiNational Assurance Research Laboratory ye-NSA baye basebenzisana ne-Secure Computing Corporation (SCC) ukuphuhlisa ulwakhiwo lonyanzeliso olunamandla noluguquguqukayo olusekwe kuNyanzeliso loHlobo, isixhobo esaqalwa yi-LOCK system. I-NSA kunye ne-SCC ziphuhlise iprototype yezakhiwo ezimbini ezisekwe kwi-Mach: DTMach kunye ne-DTOS (http://www.cs.utah.edu/flux/dtos/). I-NSA kunye ne-SCC emva koko basebenze kunye neQela loPhando lwe-Flux kwiYunivesithi yase-Utah ukuhambisa i-architecture kwi-Fluke Research Operating System. Ngexesha lokufuduka, i-architecture iye yaphuculwa ukunika inkxaso engcono kwiinkqubo zokhuseleko eziguqukayo. Olu lwakhiwo luphuculweyo lubizwe ngokuba yiFlask (http://www.cs.utah.edu/flux/flask/). Ngoku i-NSA idibanise i-Flask architecture kwi-Linux system yokusebenza ukuzisa iteknoloji kumphuhlisi obanzi kunye noluntu lwabasebenzisi.
  12. Ngaba iLinux enokhuseleko olongeziweyo yinkqubo ethembekileyo yokusebenza?
    Ibinzana elithi "Isixokelelwano sokuSebenza esiThenjiweyo" libhekisa ngokubanzi kwisixokelelwano esisebenzayo esibonelela ngenkxaso eyaneleyo yokhuseleko olucwangcisiweyo kunye nokuqinisekisa ukuhlangabezana neseti ethile yeemfuno zikarhulumente. ILinux eyomelezwe ngokhuseleko ibandakanya ulwazi oluluncedo olusuka kwezi nkqubo, kodwa igxile kulawulo olunyanzelweyo lofikelelo. Injongo yokuqala yokuphuhlisa ukhuseleko lwe-Linux yayikukudala umsebenzi oluncedo obonelela ngeenzuzo zokhuseleko olubonakalayo kuluhlu olubanzi lweemeko zehlabathi zokwenyani ukubonisa obu buchwepheshe. I-SELinux ayisiyiyo inkqubo yokusebenza ethembekileyo, kodwa ibonelela ngenqaku elibalulekileyo lokhuseleko-unyanzeliso lolawulo lokufikelela- oluyimfuneko kwinkqubo yokusebenza ethembekileyo. I-SELinux idityaniswe kwii-Linux zosasazo eziye zakalwa ngokweProfayili yoKhuselo loKhuseleko oluLabhelisiweyo. Ulwazi malunga neemveliso ezivavanyiweyo nezivavanyiweyo zinokufumaneka apha http://niap-ccevs.org/.
  13. Ngaba ukhuselwe ngokwenene?
    Ingqikelelo yenkqubo ekhuselekileyo iquka iimpawu ezininzi (umzekelo, ukhuseleko lomzimba, ukhuseleko lwabasebenzi, njl. njl.), kunye ne-Linux eneedilesi zokhuseleko oluphezulu kuphela iseti emxinwa kakhulu yezi mpawu (oko kukuthi, ulawulo lonyanzeliso lwenkqubo yokusebenza). Ngamanye amazwi, "inkqubo ekhuselekileyo" ithetha ukukhuseleka ngokwaneleyo ukukhusela ulwazi oluthile kwihlabathi lokwenyani kumchasi wokwenyani apho umnini kunye/okanye umsebenzisi wolwazi alunyukiswa ngaye. I-Linux eyomeleziweyo yokhuseleko yenzelwe kuphela ukubonisa ulawulo olufunekayo kwinkqubo yokusebenza yale mihla efana neLinux, kwaye ngokwayo ayinakufane ilingane nayiphi na inkcazo enomdla yenkqubo ekhuselekileyo. Sikholelwa ukuba itekhnoloji eboniswe kwiLinux yokhuseleko iya kuba luncedo kubantu abakha iinkqubo ezikhuselekileyo.
  14. Yintoni oyenzileyo ukuphucula isiqinisekiso?
    Injongo yale projekthi ibikukongeza ulawulo lokungena ngenkani kunye notshintsho oluncinci kwiLinux. Le njongo yokugqibela inciphisa ngokuqatha into enokwenziwa ukuphucula iwaranti, ngoko khange kubekho msebenzi wokuphucula iwaranti yeLinux. Kwelinye icala, uphuculo lwakha kumsebenzi wangaphambili ekuyileni uyilo lokhuseleko oluphezulu, kwaye uninzi lwale migaqo yoyilo iye yathwalelwa kwiLinux yoKhuseleko.
  15. Ngaba i-CCEVS iya kuyivavanya iLinux ngokhuseleko olongeziweyo?
    Iyodwa, iLinux enokhuseleko olomeleziweyo ayenzelwanga ukulungisa iseti epheleleyo yeengxaki zokhuseleko ezimelwe yinkangeleko yokhuseleko. Ngelixa kunokwenzeka ukuvavanya kuphela ukusebenza kwayo kwangoku, sikholelwa ukuba uvandlakanyo olunjalo lunokuba nexabiso elilinganiselweyo. Nangona kunjalo, sisebenze nabanye ukubandakanya obu buchwepheshe kunikezelo lweLinux oluvavanyiweyo kunye nokuhanjiswa okuvavanywayo. Ulwazi malunga neemveliso ezivavanyiweyo nezivavanyiweyo zinokufumaneka apha http://niap-ccevs.org/.
  16. Ngaba ukhe wazama ukulungisa naziphi na iziphene?
    Hayi, asikhange sijonge okanye sifumane nabuphi na ubuthathaka ngexesha lomsebenzi wethu. Sinikele kuphela ngokwaneleyo ngokobuncinane obuncinane ukongeza iigiya zethu ezintsha.
  17. Ngaba le nkqubo ivunyiwe ukuba isetyenziswe ngurhulumente?
    Ukhuseleko lwe-Linux alunamkelo lukhethekileyo okanye olongezelelweyo losetyenziso lukarhulumente phezu kwalo naluphi na olunye uhlobo lweLinux.
  18. Kwahluke njani oku kwamanye amaphulo?
    I-Linux eyomeleziweyo yokhuseleko inolwakhiwo oluchazwe kakuhle lolawulo lofikelelo olunyanzeliswayo oluye lwavavanywa ngeendlela ezininzi zeprototype (DTMach, DTOS, Flask). Izifundo ezineenkcukacha zenziwe kwisakhono soyilo ukuxhasa uluhlu olubanzi lwemigaqo-nkqubo yokhuseleko kwaye iyafumaneka http://www.cs.utah.edu/flux/dtos/ ΠΈ http://www.cs.utah.edu/flux/flask/.
    Uyilo lwezakhiwo lubonelela ngolawulo olucokisekileyo kwizinto ezininzi zokutsalwa kwe-kernel kunye neenkonzo ezingalawulwayo zezinye iinkqubo. Ezinye zeempawu ezahlukileyo zenkqubo yeLinux enokhuseleko olwandisiweyo zezi:

    • Ukwahlulwa okusulungekileyo komgaqo-nkqubo kumalungelo onyanzeliso
    • Ujongano lomgaqo-nkqubo oluchazwe kakuhle
    • Ukuzimela kwimigaqo-nkqubo ethile kunye neelwimi zomgaqo-nkqubo
    • Ukuzimela kwiifomati ezithile kunye nomxholo weelebhile zokhuseleko
    • Ukwahlula iileyibhile kunye noLawulo lweziNto zeKernel kunye neeNkonzo
    • Izigqibo zokuFikelela kwi-Caching ukuze usebenze kakuhle
    • Inkxaso yotshintsho lomgaqo-nkqubo
    • Ukulawula ukuqaliswa kwenkqubo kunye nelifa kunye nokwenziwa kwenkqubo
    • Lawula iinkqubo zefayile, abalawuli, iifayile, kunye neenkcazelo zeefayile ezivulekileyo
    • Ukulawula iisokethi, imiyalezo kunye nojongano lwenethiwekhi
    • Ukulawula ukusetyenziswa kwe "Amathuba"
  19. Zeziphi izithintelo zokukhutshwa kweelayisenisi kule nkqubo?
    Yonke ikhowudi yemvelaphi ifunyenwe kwisiza https://www.nsa.gov, isasazwa phantsi kwemiqathango efanayo njengeekhowudi zomthombo wokuqala. Umzekelo, ulungiso lwe Linux kernel kunye nokulungiswa kwezinto ezininzi ezikhoyo apha zikhutshwa phantsi kwemigaqo. I-GNU jikelele yoLuntu yeMvume (GPL).
  20. Ngaba kukho ulawulo lokuthumela ngaphandle?
    Akukho zilawuli zokuthumela ngaphandle ezongezelelweyo zeLinux ezinokhuseleko olongeziweyo xa kuthelekiswa naluphi na olunye uhlobo lweLinux.
  21. Ngaba i-NSA iceba ukuyisebenzisa ekhaya?
    Ngezizathu ezicacileyo, i-NSA ayithethi nto ngokusetyenziswa komsebenzi.
  22. Ingaba i-26 kaJulayi 2002 iNgxelo yeziQinisekiso esuka kwiSecure Computing Corporation iyasitshintsha isimo se-NSA sokuba iSELinux yenziwe ifumaneke phantsi kweGNU General Public License?
    Isikhundla se-NSA asikatshintshi. I-NSA isakholelwa ukuba imigaqo nemiqathango ye-GNU Jikelele yeLayisensi yoLuntu ilawula ukusetyenziswa, ukukopa, ukusasazwa, kunye nokuguqulwa kwe-SELinux. I-cm. Ushicilelo lwe-NSA ngoJanuwari 2, 2001.
  23. Ngaba i-NSA iyayixhasa isoftware yomthombo ovulekileyo?
    Amanyathelo okhuseleko lwesoftware ye-NSA aqala kwisoftware yomnini kunye nevulelekileyo, kwaye sisebenzise ngempumelelo zombini iimodeli zobunikazi kunye nemithombo evulelekileyo kwimisebenzi yethu yophando. Umsebenzi we-NSA wokuphucula ukhuseleko lwesoftware ukhuthazwa yingqwalaselo enye elula: ukwenza uninzi lwezixhobo zethu ukunika abathengi be-NSA ezona ndlela zingcono zokhuseleko kwiimveliso zabo ezisetyenziswa kakhulu. Injongo yenkqubo yophando ye-NSA kukuphuhlisa inkqubela phambili yezobuchwepheshe enokuthi kwabelwane ngayo noluntu lophuhliso lwesoftware ngokusebenzisa iindlela ezahlukeneyo zokudluliselwa. I-NSA ayikhuthazi okanye ikhuthaze nayiphi na imveliso yesoftware okanye imodeli yeshishini. Kunoko, i-NSA ikhuthaza ukhuseleko.
  24. Ngaba i-NSA iyayixhasa iLinux?
    Njengoko kuphawuliwe ngasentla, i-NSA ayikhuthazi okanye ikhuthaze nayiphi na imveliso yesoftware okanye iqonga; I-NSA inegalelo kuphela ekunyuseni ukhuseleko. Uyilo lwe-Flask olubonakaliswe ekuphunyezweni kwesalathiso se-SELinux lufakwe kwezinye iinkqubo ezininzi zokusebenza ezibandakanya i-Solaris, i-FreeBSD, kunye ne-Darwin, ifakwe kwi-Xen hypervisor, kwaye isetyenziswe kwizicelo ezifana ne-X Window System, i-GConf, i-D-BUS, kunye ne-PostgreSQL. . Iingqikelelo zoyilo lweflask zisebenza ngokubanzi kuluhlu olubanzi lweenkqubo kunye nokusingqongileyo.

Ukudibana

  1. Sicwangcisa njani ukusebenzisana noluntu lweLinux?
    Si iseti yamaphepha ewebhu kwi-NSA.gov, eya kusebenza njengendlela yethu ephambili yokupapasha ulwazi lwe-Linux oluphuculweyo. Ukuba unomdla kwiLinux ngokhuseleko oluphuculweyo, siyakukhuthaza ukuba ujoyine uluhlu lokuposa lomphuhlisi, jonga ikhowudi yemvelaphi, kwaye unike ingxelo yakho (okanye ikhowudi). Ukujoyina uluhlu lokuposa lwabaphuhlisi, bona SELinux abaphuhlisi bephepha loluhlu lokuposa.
  2. Ngubani onokunceda?
    I-SELinux ngoku igcinwe kwaye iphuculwe ngumthombo ovulekileyo wesoftware yeLinux.
  3. Ngaba i-NSA ixhasa ngemali nawuphi na umsebenzi wokulandelisa?
    I-NSA okwangoku ayizithatheli ngqalelo izindululo zomsebenzi owongezelelweyo.
  4. Loluphi uhlobo lwenkxaso olukhoyo?
    Sijonge ukusombulula imiba ngoluhlu lokuposa [imeyile ikhuselwe], kodwa asiyi kukwazi ukuphendula yonke imibuzo enxulumene nesiza esithile.
  5. Ngubani owancedayo? Benza ntoni?
    Iprototype yeLinux eyomelezwe ngokhuseleko yaphuhliswa yi-NSA kunye namaqabane ophando avela kwi-NAI Labs, iSecure Computing Corporation (SCC), kunye ne-MITER Corporation. Kwalandela imathiriyeli eninzi ngakumbi emva kokukhululwa kokuqala koluntu. Jonga uluhlu lwabathathi-nxaxheba.
  6. Ndingafumana njani ngakumbi?
    Siyakukhuthaza ukuba undwendwele amaphepha ethu ewebhu, ufunde amaxwebhu kunye namaphepha ophando adlulileyo, kwaye uthathe inxaxheba kuluhlu lwethu lokuposa. [imeyile ikhuselwe]

Ngaba uyifumana iluncedo inguqulelo? Bhala izimvo!

umthombo: www.habr.com

Yongeza izimvo