Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 234 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
234
Dung lượng
9,95 MB
Nội dung
[...]... SELinux is provided by the NSA: The NSA's SELinux http://www.nsa.gov /selinux The web site includes a FAQ, available at http://www.nsa.gov /selinux/ info/faq.cfm In addition, various Linux distributors and interested parties provide SELinux- related web pages and FTP sites Among the most popular and useful are: Kerry Thompson's SELinux http://www.crypt.gen.nz /selinux Network Associates SELinux http://opensource.nailabs.com /selinux. .. http://www.crypt.gen.nz /selinux Network Associates SELinux http://opensource.nailabs.com /selinux Russell Coker's SELinux http://www.coker.com.au /selinux SELinux for Debian http://www.microcomaustralia.com.au/debian SELinux for Distributions http:/ /selinux. sourceforge.net SELinux for Fedora Core http://fedora.redhat.com/projects /selinux ABC Amber CHM Converter Trial version, http://www.processtext.com/abcchm.html... attribution usually includes the title, author, publisher, and ISBN For example: "SELinux: NSA's Open Source Security Enhanced Linux, by Bill McCarty Copyright 2004 O'Reilly Media, Inc., 0-5 9 6-0 071 6-7 ." If you feel your use of code examples falls outside fair use or the permission given above, feel free to contact us at permissions @oreilly. com < Day Day Up > ABC Amber CHM Converter Trial version, http://www.processtext.com/abcchm.html... > Chapter 2 Overview of the SELinux Security Model The main purpose of this chapter is to introduce you to SELinux terms and concepts helpful in the installation and initial configuration of SELinux, which is covered in Chapter 3 This chapter presents an overview of the security model implemented by SELinux, which is based on the Flask architecture designed by the NSA (SELinux is ultimately grounded... decades, such as those described in the so-called "Orange Book."[1]) Because of this chapter's practical aim, its emphasis is on basic Flask and SELinux concepts and terms Chapter 5 explains the SELinux security model in greater detail In addition to providing an overview of SELinux functions, Chapter 5 provides an overview of SELinux architecture, describing each major SELinux component [1] DoD Trusted Computer... architecture within the open source Linux operating system Their work was released to the public in December 2000, as an open source product Subsequently, Linux 2.5 was modified to incorporate LSMs, a kernel feature intended to simplify integration among SELinux, similar products, and the Linux operating system This modification was carried forward to Linux 2.6 when development of Linux 2.5 was deemed... Converter Trial version, http://www.processtext.com/abcchm.html 1.2 SELinux Features SELinux is a software product that includes several mechanisms that protect against attacks exploiting software vulnerabilities, including attacks on 0-day vulnerabilities In particular, SELinux implements role-based access control and sandboxing SELinux also provides a logging and audit facility that records attempts... noncommercial Linux distributions, including Debian GNU /Linux and Gentoo Linux Several Linux distributions augment SELinux with other security mechanisms For instance, Gentoo Linux can be configured to compile the Linux kernel and applications to work with either of two mechanisms: PaX Provides a variety of protections against attacks, including Address Space Layout Randomization (ASLR) See http://pax.grsecurity.net/docs/pax.txt... More recently, several Linux distributors have announced plans to support SELinux within their Linux distributions Among these are Red Hat, distributor of the commercial Linux distribution with the largest market share in the U.S and worldwide, and SUSE, distributor of Europe's leading Linux distribution SELinux is already a standard component of Fedora Core, the noncommercial Linux distribution whose... grammatical mind is called), let's explore the relationship between grammar, SELinux, and computer security At its root, the SELinux security model encompasses three elements: • • • Subjects • • Objects • Actions Subjects are the actors within a computer system You might initially think that users would be the subjects of the SELinux security model, especially if your experience with computer systems has . 2.6. SELinux Architecture Chapter 3. Installing and Initially Configuring SELinux Section 3.1. SELinux Versions Section 3.2. Installing SELinux Section 3.3. Linux Distributions Supporting SELinux . publisher, and ISBN. For example: " ;SELinux: NSA's Open Source Security Enhanced Linux, by Bill McCarty. Copyright 2004 O'Reilly Media, Inc., 0-5 9 6-0 071 6-7 ." If you feel your use. Troubleshooting SELinux Chapter 5. SELinux Policy and Policy Language Overview Section 5.1. The SELinux Policy Section 5.2. Two Forms of an SELinux Policy Section 5.3. Anatomy of a Simple SELinux Policy