Role-based access control in SELinux

Role-based access control in SELinux
BugsAlert Home > Role-based access control in SELinux




LinuxSecurity.com: Serge E. Hallyn, in his follow up to SELinux from Scratch goes into more detail on how best to utilize SELinux to its fullest potential. In this particular example, he uses the metaphor of writing a policy over a cash-register system... Very useful overview indeed. The security policy implemented in Security-Enhanced Linux (SELinux) is type enforcement (TE) under a layer of role-based access control (RBAC). (SELinux also orthogonally implements multi-level security (MLS), which is outside the scope of this article.) TE is the most visible, and therefore the most well known, server because it enforces fine-grained permissions: when something breaks because of unexpected access denials, TE is most likely responsible. In TE, a process's security domain (its domain of influence over the system) is determined by the task's history and the currently executing program. Original Source: http://www.linuxsecurity.com/content/view/134538?rdf Learn more about Role-based access control in SELinux


Tags: role-based access control selinux

Related Items
A Secure Nagios Server
Xoops XM-Memberstats Module "letter" and "sortby" SQL Injection
PHP Coupon Script "id" SQL Injection Vulnerability
KU Credit Union phishing messages from ku.edu accounts
CVE-2007-6623 (ZeusCMS)
Mandriva: Subject: [Security Announce] [ MDVA-2008:163 ] mdkonline
CVE-2008-4535 (ec-cube)