Wikipedia says:
Security-Enhanced Linux (SELinux) is an implementation of mandatory access control using Linux Security Modules (LSM) in the Linux kernel, based on the principle of least privilege. It is not a Linux distribution, but rather a set of modifications that can be applied to Unix-like operating systems, such as Linux and BSD.
SELinux
What is SELinux?
RACF is the access control system used by IBM on its mainframe line of computers.
Recent improvements.
FC4 policy now has over 120 confined domains, updates in Hardened Gentoo, and support being mainstreamed into Debian.
MultiLevel Security support enhanced and mainstreamed.
Audit system enhanced and increasingly integrated.
RHEL5 entered into evaluation against CAPP (Controlled Access Protection Profile), LSPP (Labeled Security Protection Profile), and RBAC (Role Based Access Control) with SELinux coverage.
Loadable policy modules, build and package policy modules separately.
Policy management API (libsemanage)
Improved support for policy development: Polgen, SEEdit, SLIDE, CDS Framework.
Atomic labeling of new files.
File security labels visible for all filesystems exactly as seen by SELinux.
Major improvements in SMP scalability.
Significant reduction in kernel memory use by policy.
Who Cares?
Terminology:
Hobbyist/Enthusiast
Cracker/Malicious Type
Hobbyist/Enthusiast
How it applies
Cracker/Malicious Type
Not really a big deal unless they're working against government systems.
Very few corporate shops are running it today.
Still just another control model, just like DAC (Discretionary Access Control) or RBAC. Granted, a lot tighter than DAC, and has many similarities to RBAC.
Reference material: