SELinux [Electronic resources] - text version

Bill McCarty

7.1 The SELinux Type-Enforcement Model


As explained in Chapter 2, the SELinux type-enforcement model associates each process with a domain and each nonprocess object with a type.[1] Permissions define the operations that can be performed upon objects. Thus, you can think of a domain as a set of related processes that share the same permissions. For instance, the Apache web server process runs within the httpd_t domain and therefore possesses the permissions associated with that domain. The SELinux policy grants permissions to domains and specifies rules for transitioning between domains.

[1] Recall that, in the context of SELinux, the words domain and type are synonymous; however, it's customary to use domain in reference to processes and type in reference to nonprocess objects.


Permissions are encoded as access vectors, which specify the operations that a domain is authorized to perform on objects of a given type and class, such as files. Thus, you can think of an object's type as implicitly referring to the set of rules (that is, the access vector rules) that specify the permissible operations on the object. For instance, access vector rules enable processes within the httpd_t domain to write to the web server log files, and any operation not granted by an access vector rule is denied.

Under Linux, a process creates a new process by forking, and the new process then typically executes a program. The new process is called a child process, and the process that forked it is called a parent process. A forked child always starts in its parent's domain; a change of domain can happen only when the process executes a program, and at that point the SELinux policy may specify a new domain to enter. Programs that can enter new domains upon execution are called domain entry points. For instance, the init run-control processes are associated with the initrc_t domain. However, when an init script starts the web server process, the web server process does not remain in this domain. Instead, because the policy labels the web server executable as an entry point to httpd_t, the web server process automatically transitions to the httpd_t domain, as specified by the SELinux policy.
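The two mechanisms described above, access vector rules and an automatic domain transition, look like this in SELinux policy source. This is an added illustrative fragment, not policy from the book or from any distribution's httpd policy: initrc_t and httpd_t are the domains the text names, httpd_exec_t and httpd_log_t are assumed type names for the web server executable and its log files, and the permission lists are deliberately minimal.

```selinux
# Added example policy fragment (not from the book or any real httpd policy).
# Declare the two domains and the two object types used below. httpd_exec_t
# and httpd_log_t are assumed names for this illustration.
type initrc_t;
type httpd_t;
type httpd_exec_t;
type httpd_log_t;

# Access vector rules: what the httpd_t domain may do to web server log files.
# Only append is granted, not write, so a process in httpd_t can add log
# records but cannot truncate or rewrite what is already there.
allow httpd_t httpd_log_t:file { getattr append };

# Domain transition initrc_t -> httpd_t when an init script executes the
# program labeled httpd_exec_t. All three allow rules are required:
allow initrc_t httpd_exec_t:file { getattr read execute };  # source may run the program
allow httpd_t  httpd_exec_t:file entrypoint;                # program is an entry point into httpd_t
allow initrc_t httpd_t:process transition;                  # source may change to the target domain

# Make the transition automatic, so the init script does not have to request
# it explicitly.
type_transition initrc_t httpd_exec_t:process httpd_t;

# What is NOT granted matters just as much. For example, nothing here lets
# httpd_t read or execute httpd_exec_t files owned by other domains, and no
# rule lets initrc_t run the web server in its own domain: that would need
# allow initrc_t httpd_exec_t:file execute_no_trans;
```

Two checks worth remembering when this does not behave as expected: if the type_transition rule is present but the process transition permission is denied, the exec fails outright rather than silently running the web server in initrc_t; and if no type_transition rule applies, running the program in the caller's own domain requires the execute_no_trans permission on httpd_exec_t, which the fragment above deliberately omits.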

