

SELinux Overview
● Permissions historically
  – Why are Unix or ACL permissions not good enough?
● DAC vs. MAC
● SELinux ID, objects, roles and types
● Policy types
● SELinux administration

FOSDEM Bryan Østergaard

● Why are Unix permissions not good enough?
  – Not fine-grained enough
  – Permissions are primarily file based
  – Permissions are controlled by users instead of the administrator
  – Hard to set up access for multiple groups or users to the same file

● DAC vs. MAC
  – Unix permissions are discretionary
  – Administrators need mandatory access
    ● Why?
  – Does MAC replace DAC?

● SELinux ID
  – SELinux IDs are permanent + personal
  – Unix IDs are shared using su and sudo
  – It's not possible to change SELinux ID

● SELinux roles
  – Roles are used for role-based access control
  – SELinux users can have multiple roles
    ● For example staff_r, sysadm_r or dnsadmin_r
  – System administrators usually have access to staff_r and sysadm_r
  – Applications have separate roles, for example httpd_r
  – Roles can inherit policy from other roles through Role Dominance

● SELinux types
  – SELinux is based on Type Enforcement
    ● Extremely fine-grained and allows almost every type of access control to be implemented
    ● Examples of types are shadow_t (used for /etc/shadow) or var_log_t (used for /var/log/*)

● SELinux objects
  – Access control is checked for all types of objects
  – Lots of different types of objects, for example
    ● Files
    ● Processes
    ● Pipes
    ● Network ports
    ● Mutexes
    ● Sockets

● Policy types
  – Strict
  – Targeted
  – Multi Level Security

● Access Vector Control (AVC) messages
  – All access control goes through the AVC cache
  – AVC is (basically) a big list of SELinux contexts (user:role:type)
  – AVC messages are logged for denials and in some cases even when access is allowed (new policy loaded for example)
    ● AVC messages are used to log unexpected events
  – Doesn't mean you're under attack

● Example AVC message

audit( :252): avc: denied { read } for pid=23871 comm="firefox-bin" name="resolv.conf" dev=sda2 ino= scontext=user_u:user_r:user_t tcontext=system_u:object_r:net_conf_t tclass=file
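To make the fields of such a message concrete, here is an added example (not part of the presentation) that parses an AVC record, splits both contexts into user, role and type, and derives the Type Enforcement rule that would permit the logged access. The sample line is constructed in the slide's layout, and the function names are this example's own.

```python
import re

# Constructed sample in the layout of the slide's message. The timestamp and
# inode number are invented, because the transcript lost the original values.
SAMPLE = ('audit(1200000000.123:252): avc:  denied  { read } for  pid=23871 '
          'comm="firefox-bin" name="resolv.conf" dev=sda2 ino=12345 '
          'scontext=user_u:user_r:user_t '
          'tcontext=system_u:object_r:net_conf_t tclass=file')

AVC_RE = re.compile(r'avc:\s+(?P<result>denied|granted)\s+\{(?P<perms>[^}]*)\}')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_context(ctx):
    """Split user:role:type[:range]; an MLS range may itself contain ':'."""
    parts = ctx.split(':', 3)
    if len(parts) < 3 or not all(parts):
        raise ValueError('not an SELinux context: %r' % ctx)
    return dict(zip(('user', 'role', 'type', 'range'), parts))


def parse_avc(line):
    """Return the fields of one AVC record, or None for non-AVC lines."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    rec = {k: v.strip('"') for k, v in KV_RE.findall(line[m.end():])}
    missing = {'scontext', 'tcontext', 'tclass'} - set(rec)
    if missing:
        raise ValueError('AVC record lacks %s' % sorted(missing))
    rec['result'] = m.group('result')
    rec['perms'] = m.group('perms').split()
    rec['scontext'] = parse_context(rec['scontext'])
    rec['tcontext'] = parse_context(rec['tcontext'])
    return rec


def candidate_rule(rec):
    """Build the Type Enforcement rule that would permit the logged access.

    This is a starting point for review, not a rule to load unexamined.
    """
    perms = rec['perms']
    perm_s = perms[0] if len(perms) == 1 else '{ %s }' % ' '.join(perms)
    return 'allow %s %s:%s %s;' % (rec['scontext']['type'],
                                   rec['tcontext']['type'],
                                   rec['tclass'], perm_s)
```

Only the type fields of the two contexts end up in the rule; the user and role parts matter for constraints and role-based checks instead.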

● Reference policy
  – Modular
  – Can be compiled as targeted, strict and MLS
  – Can be reconfigured at run time via booleans (partly)
  – Administrators can be allowed access to update parts of the policy

● SELinux policy language
  – By default everything is denied
  – Access is allowed through Allow rules
  – Policy also controls AVC logging
  – It's possible to define constraints that limit what's allowed by Allow rules
    ● A constraint might limit access to sysadm_r role to only be allowed from staff_r role

● Simple policy example
  – As an example we want to allow sysadm_r write access to /etc/shadow (bad idea but a simple example)
    ● We need an Allow statement that
      – Gives sysadm_r
      – Write access
      – To shadow_t (default type for /etc/shadow)
    ● allow sysadm_r shadow_t:file write;
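The evaluation order described on the policy-language slide (default deny, then Allow rules, then constraints) can be modelled in a few lines. This is an added illustration, not code from the presentation or from SELinux itself. The rule table, the constraint and the domain types sysadm_t, staff_t and user_t are assumptions; allow rules in the policy language name a source type, so sysadm_t stands in for processes running in sysadm_r.

```python
from collections import namedtuple

# Toy model of the decision order only; the kernel's security server is far
# more involved. All rules below are constructed for this example.
Context = namedtuple('Context', 'user role type')

# (source type, target type, object class) -> permitted operations.
ALLOW = {
    ('sysadm_t', 'shadow_t', 'file'): {'write'},
    ('staff_t', 'sysadm_t', 'process'): {'transition'},
    ('user_t', 'sysadm_t', 'process'): {'transition'},  # deliberately too broad
}


def sysadm_only_from_staff(src, tgt, tclass, perm):
    """Constraint from the slide: sysadm_r may only be entered from staff_r."""
    if tclass == 'process' and perm == 'transition' and tgt.role == 'sysadm_r':
        return src.role == 'staff_r'
    return True


CONSTRAINTS = [sysadm_only_from_staff]


def check(src, tgt, tclass, perm):
    """Return (allowed, reason) for one access request."""
    # Default deny: without a matching allow rule nothing else is consulted.
    if perm not in ALLOW.get((src.type, tgt.type, tclass), set()):
        return False, 'no allow rule'
    # Constraints can only remove access that an allow rule granted.
    for constraint in CONSTRAINTS:
        if not constraint(src, tgt, tclass, perm):
            return False, 'constraint ' + constraint.__name__
    return True, 'allowed'


SHADOW = Context('system_u', 'object_r', 'shadow_t')
SYSADM = Context('staff_u', 'sysadm_r', 'sysadm_t')
STAFF = Context('staff_u', 'staff_r', 'staff_t')
USER = Context('user_u', 'user_r', 'user_t')
```

The user_t transition rule shows why constraints exist: the over-broad allow rule matches, yet the request is still refused because the source role is not staff_r.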

● SELinux administration
  – SELinux is complex and requires new tools
  – Administration is a focus area
  – GUI tools to help troubleshoot denials
    ● SEtroubleshooter
  – GUI tools to help write policies
    ● SLIDE
  – GUI tools for analysing policies
    ● Apol