NSA releases new version of Linux software

WASHINGTON, March 24 (UPI) -- The U.S. National Security Agency has released its own version of the open-source computer operating system Linux, which offers enhanced security for users.

The new software was rolled out earlier this month to an e-mail list for users of Linux -- an operating system that many experts believe provides a more secure alternative to the ubiquitous Microsoft Windows. Linux is open-source, which means the core code is available to programmers to improve, as the NSA has done with its latest version of the so-called Security-Enhanced Linux, or SELinux.

The version provides what experts call Mandatory Access Control, which essentially limits the kind of instructions that software packages and users can issue to the computer, helping guard against hackers compromising it. MAC "confine(s) user programs and system servers to the minimum amount of privilege they require to do their jobs," says the agency on its Web site.

"This work is not intended as a complete security solution," said the agency in a March 5 statement about the latest update. "It is simply an example of how mandatory access controls that can confine the actions of any process, including an administrator process, can be added into a system."

The agency added the security features of the system were limited. "The focus of this work has not been on system assurance or other security features such as security auditing, although these elements are also important for a secure system."

The release was first reported by Government Computer News. The NSA has been working on SELinux since 2000, and it has been available to Linux users since 2003.

The NSA is also pushing for MAC to be made an option for Internet servers using the Network File System protocol, according to the Dark Reading IT security Web site.

The site said the proposal was discussed at a meeting of the Internet Engineering Task Force in Philadelphia earlier this month.