SELinux [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

جستجو بر اساس ... همه عنوان پدیدآور موضوع یادداشت تمام متن
اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا
جستجو در لغت نامه
بیشتر
کتابخانه شخصی پرسش از کتابدار ارسال منبع

SELinux [Electronic resources] - نسخه متنی

Bill McCarty

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
میخواهم بخوانم
درحال خواندن
خوانده شده
ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات

Sitemap

SELinux

Table of Contents

Copyright

Preface

Organization of This Book

Conventions Used in This Book

Using Code Examples

How to Contact Us

Acknowledgments

Chapter 1. Introducing SELinux

1.1 Software Threats and the Internet

1.2 SELinux Features

1.3 Applications of SELinux

1.4 SELinux History

1.5 Web and FTP Sites

Chapter 2. Overview of the SELinux Security Model

2.1 Subjects and Objects

2.2 Security Contexts

2.3 Transient and Persistent Objects

2.4 Access Decisions

2.5 Transition Decisions

2.6 SELinux Architecture

Chapter 3. Installing and Initially Configuring SELinux

3.1 SELinux Versions

3.2 Installing SELinux

3.3 Linux Distributions Supporting SELinux

3.4 Installation Overview

3.5 Installing SELinux from Binary or Source Packages

3.6 Installing from Source

Chapter 4. Using and Administering SELinux

4.1 System Modes and SELinux Tuning

4.2 Controlling SELinux

4.3 Routine SELinux System Use and Administration

4.4 Monitoring SELinux

4.5 Troubleshooting SELinux

Chapter 5. SELinux Policy and Policy Language Overview

5.1 The SELinux Policy

5.2 Two Forms of an SELinux Policy

5.3 Anatomy of a Simple SELinux Policy Domain

5.4 SELinux Policy Structure

Chapter 6. Role-Based Access Control

6.1 The SELinux Role-Based Access Control Model

6.2 Railroad Diagrams

6.3 SELinux Policy Syntax

6.4 User Declarations

6.5 Role-Based Access Control Declarations

Chapter 7. Type Enforcement

7.1 The SELinux Type-Enforcement Model

7.2 Review of SELinux Policy Syntax

7.3 Type-Enforcement Declarations

7.4 Examining a Sample Policy

Chapter 8. Ancillary Policy Statements

8.1 Constraint Declarations

8.2 Other Context-Related Declarations

8.3 Flask-Related Declarations

Chapter 9. Customizing SELinux Policies

9.1 The SELinux Policy Source Tree

9.2 On the Topics of Difficulty and Discretion

9.3 Using the SELinux Makefile

9.4 Creating an SELinux User

9.5 Customizing Roles

9.6 Adding Permissions

9.7 Allowing a User Access to an Existing Domain

9.8 Creating a New Domain

9.9 Using Audit2allow

9.10 Policy Management Tools

9.11 The Road Ahead

Appendix A. Security Object Classes

Appendix B. SELinux Operations

Appendix C. SELinux Macros Defined in src/policy/macros

Appendix D. SELinux General Types

Appendix E. SELinux Type Attributes

Colophon

Index

index_SYMBOL

index_A

index_B

index_C

index_D

index_E

index_F

index_G

index_H

index_I

index_K

index_L

index_M

index_N

index_O

index_P

index_Q

index_R

index_S

index_T

index_U

index_V

index_W

index_X

index_Z
توضیحات
افزودن یادداشت جدید








6.1 The SELinux Role-Based Access Control Model


As explained in previous chapters, the SELinux security model is
based primarily on a mechanism called type
enforcement (TE). Type enforcement assigns processes to
domains and restricts the operations each domain is permitted to
perform. The SELinux policy, which can be customized by a system
administrator, specifies the available domains and the operations
that processes within them are authorized to perform. Chapter 7 explains the SELinux type-enforcement model
in detail.

SELinux also includes a second security model, called
role-based access control (RBAC). Role-based
access control works alongside type enforcement: intended operations
are prohibited unless they're explicitly authorized
by both type enforcement and role-based access control. Of course,
intended operations must also satisfy any requirements imposed by
ordinary Linux discretionary access control mechanisms, such as file
permissions.

Role-based access control works fairly simply and has three parts.
First, each user is authorized for a set of roles. A user cannot
enter a role other than one for which the user is authorized. Second,
transitions between roles are authorized. A process can transition to
a new role only if transitions between its current role and the new
role are authorized. Finally, each role is authorized for a set of
domains. Any attempt to enter a nonauthorized role or domain is
prohibited by the SELinux security engine. Let's
consider some concrete examples.

Users are assigned roles by the
user

statement. For instance, the following statement assigns the roles
staff_r
and sysadm_r
to the
user bill
, permitting the user to enter either
role:

user bill roles { staff_r sysadm_r };

Transitions between roles are governed by

allow

statements. For instance, the following allow

statement authorizes processes running in the
staff_r
role to transition to the
sysadm_r
role:

allow staff_r sysadm_r;

Roles are authorized to enter domains by the
role
statement.
For instance, the following statement authorizes the role
sysadm_r
to enter the
ifconfig_t
domain:

role sysadm_r types ifconfig_t;

A domain can include multiple role
statements,
each authorizing one or more roles to enter the domain. Unless a
role
statement authorizes a particular role to
enter a domain, processes running in that role cannot enter the
domain.

Both type enforcement and role-based access control work by
inspecting security contexts. Recall that SELinux assigns a
security context to each
process, as well as to each instance of
other objects, such as files. A security context includes three
elements:

A user

A role

A type (domain)


Thus, at any time, the security context of a process indicates its
user identity and role identity, the characteristics considered by
role-based access control. A process can change its user or role
identity, but only if the current SELinux policy enables the specific
transition. For instance, SELinux policies typically permit changing
from the staff_r
role to the
sysadm_r
role, but prohibit other roles (such as
user_r
) from changing to
sysadm_r
.

Similarly, SELinux policies restrict access to domains, allowing only
processes running in specified roles to enter them. For instance, the
ifconfig_t
domain is authorized to perform various
operations that concern network interfaces, which ordinary users
should not generally be allowed to perform. Thus, entry to the domain
is restricted to processes running in the sysadm_r

role, which includes only users designated as system administrators.

Role-based access control governs processes rather than files or
other objects. So the security contexts of files and other objects
are simplified. Although these security contexts contain the three
elements common to all security contexts, the role associated with
objects other than processes is object_r
, which is
basically a mere placeholder.

The statements that express the SELinux role-based access control
policy provide more elaborate options than shown in the preceding
examples. To fully explain them, the following section introduces a
visual representation of syntax: the railroad diagram.


/ 100