SELinux [Electronic resources] - text version

Bill McCarty

1.4 SELinux History


SELinux, though only recently released to the public as a software
product, has a substantial heritage. SELinux descends from work that
began several decades ago. In 1973, computer scientists David Bell and
Leonard LaPadula defined the concept of a secure system state and
published a formal model describing a multilevel security system.

Later, in the 1980s, the work of Bell and LaPadula strongly
influenced the U.S. government's development of the Trusted Computer
System Evaluation Criteria (TCSEC, popularly known as the Orange
Book). The TCSEC defined six evaluation classes with progressively
more stringent security requirements: C1, C2, B1, B2, B3, and A1.
Class C1 and C2 systems, like Linux, depended upon discretionary
access controls. Class B1 systems and systems of higher classes had
to, like SELinux, implement mandatory access controls.
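The distinction the TCSEC draws between discretionary and mandatory access control is easier to see in code than in prose. The following example is added here and is not code from the book: it models a discretionary check (the owner of an object decides who may read or write it) next to a Bell-LaPadula multilevel check (a subject may not read an object above its clearance, and may not write to one below it), then combines the two the way a B1-class system would, where both must agree. The subjects, objects, and the four sensitivity levels are constructed for the illustration.

```python
"""Added illustration: discretionary access control (DAC) next to a
Bell-LaPadula style mandatory access control (MAC) check. All names,
levels, and objects below are constructed for the example; this is not
code from the book or from SELinux."""
from dataclasses import dataclass, field

# Ordered sensitivity levels; a higher index dominates a lower one.
LEVELS = ["unclassified", "confidential", "secret", "top_secret"]


def dominates(a, b):
    """True when level a is at least as sensitive as level b."""
    return LEVELS.index(a) >= LEVELS.index(b)


@dataclass
class Subject:
    name: str
    clearance: str


@dataclass
class Obj:
    name: str
    classification: str
    owner: str
    dac_readers: set = field(default_factory=set)
    dac_writers: set = field(default_factory=set)


def dac_allows(subj, obj, op):
    """Discretionary control: the owner always has access, and the owner
    decides which other subjects may read or write."""
    if subj.name == obj.owner:
        return True
    grant = obj.dac_readers if op == "read" else obj.dac_writers
    return subj.name in grant


def mac_allows(subj, obj, op):
    """Bell-LaPadula rules: no read up (simple security property) and
    no write down (*-property). Ownership plays no part here."""
    if op == "read":
        return dominates(subj.clearance, obj.classification)
    if op == "write":
        return dominates(obj.classification, subj.clearance)
    raise ValueError(f"unknown operation {op!r}")


def access(subj, obj, op):
    """B1-style decision: the operation is permitted only if both the
    discretionary and the mandatory policy allow it."""
    return dac_allows(subj, obj, op) and mac_allows(subj, obj, op)


# Constructed scenario: alice (secret) owns a secret plan and an
# unclassified notes file, and has granted bob (confidential) read
# access to both via DAC.
ALICE = Subject("alice", "secret")
BOB = Subject("bob", "confidential")
PLAN = Obj("plan.txt", "secret", owner="alice", dac_readers={"bob"})
NOTES = Obj("notes.txt", "unclassified", owner="alice", dac_readers={"bob"})


if __name__ == "__main__":
    for subj, obj, op in [(BOB, PLAN, "read"), (ALICE, PLAN, "read"),
                          (ALICE, NOTES, "write"), (BOB, NOTES, "read")]:
        print(f"{subj.name:6} {op:5} {obj.name:10} "
              f"DAC={dac_allows(subj, obj, op)!s:5} "
              f"MAC={mac_allows(subj, obj, op)!s:5} "
              f"-> {access(subj, obj, op)}")
```

The interesting rows are the ones where the two policies disagree: alice's DAC grant lets bob read plan.txt, but the mandatory check refuses it because bob's clearance does not dominate the file's classification; and alice, although she owns notes.txt, may not write to it because that would move secret-level information down to an unclassified object. A purely discretionary system (the TCSEC's C1/C2 classes) would permit both.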

During the 1990s, researchers at the U.S.
National Security Agency
(NSA) worked with Secure Computing Corporation (SCC)
to develop a strong and flexible mandatory access control
architecture. Initially, their work focused on theoretical proofs of
the properties and characteristics of the architecture. Eventually,
working with a research team at the University of Utah, they
developed a working prototype of the architecture called Flask within
Fluke, a research operating system.

Later, NSA researchers worked with Network Associates and the R&D
firm MITRE
to implement the architecture within the open source Linux operating
system. Their work was released to the public in December 2000, as an
open source product.

Subsequently, Linux 2.5 was modified to incorporate LSMs, a kernel
feature intended to simplify integration among SELinux, similar
products, and the Linux operating system. This modification was
carried forward to Linux 2.6 when development of Linux 2.5 was deemed
complete.

More recently, several Linux distributors have announced plans to
support SELinux within their Linux distributions. Among these are
Red Hat, distributor
of the commercial Linux distribution with the largest market share in
the U.S. and worldwide, and SUSE, distributor of
Europe's leading Linux distribution. SELinux is
already a standard component of Fedora Core, the noncommercial Linux
distribution whose development is sponsored by Red Hat, and several
other noncommercial Linux distributions, including Debian GNU/Linux
and Gentoo
Linux.

Several Linux distributions augment SELinux with other security
mechanisms. For instance, Gentoo Linux can be configured to compile
the Linux kernel and applications to work with either of two
mechanisms:

PaX
    Provides a variety of protections against attacks, including
    Address Space Layout Randomization (ASLR). See
    http://pax.grsecurity.net/docs/pax.txt.

Propolice
    Provides protection against stack-smashing attacks. See
    http://www.research.ibm.com/trl/projects/security/ssp.


Clearly, SELinux, originally a product of the highly secretive NSA, is
becoming a mainstream technology.


Demo Systems


One of the best ways to observe the high level of security possible by
using SELinux is to visit one of the SELinux demonstration systems
provided for public use. Using an SSH client, you can remotely log
into a demonstration system as the root user and try to hack your way
to escalated privileges. Most likely, you'll completely fail.

One such system is the demonstration system hosted by
Gentoo's Hardened
Project, described at http://selinux.dev.gentoo.org. Another
demonstration system, a Fedora Core system administered by
Russell Coker, is described at http://www.coker.com.au/selinux/playl.
Finally, a demonstration system running Debian is described at http://selinux.simplyaquatics.com.

