Security-Enhanced Linux Stephanie Stelling Center for Information Security Department of Computer Science University of Tulsa, Tulsa, OK 74104.


Overview
- History
- Goals
- Mandatory Access Controls/Flask
- Other Features/Default Policy Settings
- Future of SELinux

About SELinux
- Not an actual distribution of Linux
- A set of Linux Security Modules (LSM) that are integrated into the Linux kernel
- Streamlines software responsible for security policy enforcement
- Supports DoD's Orange Book requirements for evaluation classes needing a Trusted Computing Base (B3, A1)

History
- Originally developed by the NSA's National Information Assurance Research Laboratory in conjunction with Secure Computing Corporation (SCC)
- Released to the Open Source community in December 2000
- Integrated into version 2.6 of the Linux kernel in 2003

Goals
- Enforce the separation of information based on confidentiality and integrity requirements to provide system security
- Confine damage caused by malicious or flawed applications

SELinux Basics
- Mandatory Access Controls (MAC) allow administrators to define how applications and users can access different resources (files, devices, networks, IPC)
- Users can be differentiated from the applications they run
  - Ex. - A user's shell may be able to do anything within his home directory, but a mail client run by that user may be prevented from accessing certain resources within the home directory

SELinux Basics: Type Enforcement
- All files, processes, network resources, etc. are given a "type"
  - Ex. - Files in a home directory could be given type user_home_t. The MAC will treat all files with this type the same way based on the security policies.
- Running applications are also given types and are associated with a domain
  - Ex. - Firefox: firefox_t
- Controls what types can access what resource labels
- Types for new objects (files) are based on the domain of the creating process and the process' label
- Sample policy:
    allow firefox_t user_home_t : file { read write };
  This allows the user's Firefox browser to read and write files in the user's home directory.

Mandatory Access Controls
- The OS controls the ability of a subject (user, program, etc.) to perform operations on objects (files, directories, ports, memory segments, etc.)
- Need for:
  - Systems can be easily compromised by exploitable bugs in programs
  - Discretionary Access Control systems don't take buggy software into consideration

Mandatory Access Controls

Flask: Flux Advanced Security Kernel
- Based on MAC architecture
- Defines what objects should be available and not how they should be implemented
- Supports "user friendly" security policies (easy to understand syntax)
- Separates policy from enforcement
- Contains a Security Server and Object Managers
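The Type Enforcement and Flask slides above, as an added example that is not part of the original presentation or of SELinux itself: a toy security server decides from allow rules (default deny) while an object manager enforces and caches the answers. The class names, demo() and the mailclient_t / mail_spool_t types are hypothetical.

```python
import re

# Toy model of the Flask split: a SecurityServer decides from policy text,
# an ObjectManager enforces and caches the answers (a stand-in for the AVC).
# All class and function names are hypothetical, not SELinux kernel APIs.
RULE_RE = re.compile(
    r"allow\s+(\w+)\s+(\w+)\s*:\s*(\w+)\s*\{([^}]*)\}\s*;")

class SecurityServer:
    """Holds the policy; answers which permissions a triple is granted."""
    def __init__(self, policy_text):
        self.rules = {}
        self.queries = 0
        for src, tgt, cls, perms in RULE_RE.findall(policy_text):
            self.rules.setdefault((src, tgt, cls), set()).update(perms.split())

    def compute_av(self, src_type, tgt_type, obj_class):
        self.queries += 1
        # Default deny: no matching allow rule yields an empty permission set.
        return frozenset(self.rules.get((src_type, tgt_type, obj_class), ()))

class ObjectManager:
    """Enforcement point: knows nothing about policy, only asks and caches."""
    def __init__(self, server):
        self.server = server
        self.cache = {}

    def check(self, src_type, tgt_type, obj_class, perm):
        key = (src_type, tgt_type, obj_class)
        if key not in self.cache:
            self.cache[key] = self.server.compute_av(*key)
        return perm in self.cache[key]

# Constructed policy: the slide's rule plus one hypothetical mail client rule.
POLICY = """
allow firefox_t user_home_t : file { read write };
allow mailclient_t mail_spool_t : file { read };
"""

def demo():
    om = ObjectManager(SecurityServer(POLICY))
    results = {
        "firefox_write_home": om.check("firefox_t", "user_home_t", "file", "write"),
        "firefox_exec_home": om.check("firefox_t", "user_home_t", "file", "execute"),
        "mail_read_home": om.check("mailclient_t", "user_home_t", "file", "read"),
    }
    results["server_queries"] = om.server.queries
    return results
```

The second Firefox check is answered from the cache, so the security server is consulted only twice for three access checks.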

Other Features
- Policy controls
  - Clean separation of policy from enforcement
  - Well-defined policy interfaces
  - Support for applications querying the policy and enforcing access control (for example, crond running jobs in the correct context)
  - Independent of specific policies and policy languages
  - Support for policy changes
  - Very flexible policy

Other Features
- Independent of specific security label formats and contents
- Individual labels and controls for kernel objects and services
- Caching of access decisions for efficiency
- Separate measures for protecting system integrity (domain-type) and data confidentiality (multilevel security)
- Controls over process initialization and inheritance and program execution
- Controls over file systems, directories, files, and open file descriptors
- Controls over sockets, messages, and network interfaces

Default Security Policy
1. Control raw access to data
  - Defines types for kernel memory devices, disk devices, etc.
  - Define separate domains for processes that require access to above types
2. Protect the integrity of the kernel
  - Define types for boot files, module object files, module utilities, and module configuration files
  - Defines separate domains for applications requiring write access to the files

Default Security Policy
3. Protect integrity of system software, system configuration info, and system logs
  - Only administrators can modify system software
  - Defines separate types for system configuration files and system logs
4. Confine potential damage from the exploitation of a privileged process
  - Privileged system processes are placed in a separate domain
  - Each domain is limited to only the privileges it requires

Default Security Policy
5. Protect privileged processes from executing malicious code
  - An executable type is defined for each program.
  - Transitions can only be made to the privileged domain by privileged executable typed programs.
6. Prevent the administrator role and domain from being entered without proper authentication
  - Administrator role and domain can only be entered via the login program
  - newrole program added to permit administrator remote login

Default Security Policy
7. Prevent regular user processes from interfering with system or administrator processes
  - Only certain processes and administrators can access procfs entries for other domains
  - Files created in shared directories (/tmp) are separately typed based on domain
8. Protect users and admins from the exploitation of browser flaws
  - The browser is placed in a separate domain with limited permissions
  - Users can allow the browser read or write access to local files

Is SELinux Enabled?
- Command: sestatus
- Enforcing = System is protected by SELinux
- Permissive = SELinux is enabled but not currently protecting the system
- Disabled = SELinux is completely disabled
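One way to turn the sestatus check above into an automated audit, as an added example that is not from the original slides: it maps the output to the three states listed and also flags a running mode that differs from the configured one. The sample outputs are constructed, and the function names are hypothetical.

```python
# Constructed sestatus outputs (not captured from a real host).
SAMPLE_DRIFT = """\
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          enforcing
"""
SAMPLE_DISABLED = "SELinux status:                 disabled\n"

def parse_sestatus(text):
    """Turn 'Key:   value' lines into a dict with lower-cased keys."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip().lower()] = value.strip()
    return fields

def assess(text):
    """Return (state, findings); state is enforcing, permissive or disabled."""
    f = parse_sestatus(text)
    if f.get("selinux status") != "enabled":
        return "disabled", ["SELinux is disabled"]
    current = f.get("current mode", "unknown")
    configured = f.get("mode from config file", "unknown")
    findings = []
    if current != "enforcing":
        findings.append(f"running in {current}: denials are logged, not enforced")
    if configured != current:
        # Drift: the runtime mode was changed, or a reboot will change it.
        findings.append(
            f"runtime mode {current} differs from configured {configured}")
    return current, findings
```

On a live host the text would come from running sestatus, for example with subprocess.run(["sestatus"], capture_output=True, text=True).stdout.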

Implementations
SELinux is currently integrated into the following:
- Linux kernel 2.6 series
- Solaris
- Darwin kernel

Future of SELinux
- NSA has not made any major updates since Sept
- Control of the project has passed to the SELinux Project group.
- Goals:
  - Integrate SELinux awareness into other userspace object managers
  - Modify other applications to better leverage SELinux
  - Enhance policy tools and infrastructure
  - Enhance the SELinux reference policy
  - Enhance device labeling
  - Enhance revocation support
  - Develop flexible trusted path mechanism
  - Improve network scalability and performance
  - Improve baseline performance
  - Develop framework and controls for driver-specific operations
  - Develop support for polyinstantiated ports

Similar Systems/Approaches
- AppArmor (created by Novell Inc.)
- Virtualization as a means of isolating processes


Questions?