
SELinux

Wikipedia says:
Security-Enhanced Linux (SELinux) is an implementation of mandatory access control using Linux Security Modules (LSM) in the Linux kernel, based on the principle of least privilege. It is not a Linux distribution, but rather a set of modifications that can be applied to Unix-like operating systems, such as Linux and BSD.

What is SELinux?
A kernel-level MAC (Mandatory Access Control) implementation for Linux
Originally commissioned and built by/for the NSA
A headache for the uninitiated
Very effective if done right
  Not the usual case BTW
One of three well-known MAC implementations
  Trusted Solaris
  Mainframe “Top Secret” and RACF
    Top Secret is a product of Computer Associates
    RACF – Resource Access Control Facility
    RACF is the access control system used by IBM on its mainframe line of computers

Access Control Philosophies
MAC: Mandatory Access Control
  Cannot be worked around
  I own it, not you.
  Ex: Directory “Secret” is owned by “Agent”. “Agent” does not have authority to grant access to others. Only the “Owner” does.
DAC: Discretionary Access Control
  It’s yours, do what you will.
  Same example: “Agent” can grant access to whomever she chooses.
RBAC: Role-Based Access Control
  Depending on what your role is, maybe.
  If “Agent” has the correct role, she can; otherwise she can’t.
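
The three philosophies above, applied to the slide's “Agent”/“Secret” scenario as a small runnable model. This is an added example, not part of the original slides; the `ReferenceMonitor` class, the “Visitor” grantee, the `classifier` and `analyst` role names, and the reading of the slide's “Owner” as the central policy authority are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Directory:
    name: str
    owner: str                                 # user who holds the object
    readers: set = field(default_factory=set)  # users granted read access

@dataclass
class ReferenceMonitor:
    model: str                                 # "DAC", "MAC" or "RBAC"
    policy_admin: str = "Owner"                # assumption: the slide's "Owner" sets MAC policy
    roles: dict = field(default_factory=dict)  # user -> set of role names
    granting_role: str = "classifier"          # hypothetical role name for the RBAC case

    def may_grant(self, actor, d):
        """Who may change access to d depends only on the model in force."""
        if self.model == "DAC":                # the object's owner decides
            return actor == d.owner
        if self.model == "MAC":                # only the central policy authority decides
            return actor == self.policy_admin
        if self.model == "RBAC":               # the actor's role decides, not ownership
            return self.granting_role in self.roles.get(actor, set())
        raise ValueError(f"unknown model: {self.model}")

    def grant(self, actor, d, grantee):
        """Apply the grant only if the model authorises the actor; report the outcome."""
        if not self.may_grant(actor, d):
            return False
        d.readers.add(grantee)
        return True

    def can_read(self, user, d):
        return user == d.owner or user in d.readers

def scenario(model, granter="Agent", roles=None):
    """Granter tries to share "Secret" with "Visitor"; returns (grant_ok, visitor_can_read)."""
    secret = Directory("Secret", owner="Agent")  # constructed sample object from the slide
    rm = ReferenceMonitor(model, roles=roles or {})
    ok = rm.grant(granter, secret, "Visitor")
    return ok, rm.can_read("Visitor", secret)

if __name__ == "__main__":
    print("DAC, Agent grants:      ", scenario("DAC"))
    print("MAC, Agent grants:      ", scenario("MAC"))
    print("MAC, Owner grants:      ", scenario("MAC", granter="Owner"))
    print("RBAC, Agent has role:   ", scenario("RBAC", roles={"Agent": {"classifier"}}))
    print("RBAC, Agent lacks role: ", scenario("RBAC", roles={"Agent": {"analyst"}}))
```

The same grant request by the same owner succeeds under DAC, is refused under MAC, and under RBAC depends only on the role assigned to “Agent”.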

SELinux past tense
Auditing and reporting support very limited and poorly integrated in SELinux.
One big ugly policy.
No decent interface for managing policies.
  SLIDE (new tool)
Building policies was done in a flat-file hack style.
Fresh files got no label. You had to comb the system to find and label them manually.
Poor scalability with SMP.

