selinux.txt

An introduction to selinux with code examples in C. Fedora based.

SELinux:  An Introduction
 by n00m, 6/11/2005
 

SELinux is an implementation of a Mandatory Access Control architecture called 
Flask, using the Linux Kernel.  Up until its release such systems were not very 
widespread.  Currently however, Fedora Core 3 comes with SELinux installed, 
and many other distributions such as Debian and Slackware are adopting it.

According to the NSA, a MAC is needed when "protection decisions must not be 
decided by the object owner, and the system must enforce the protection 
descisions over the wishes or intentions of the object owner". 

Flask evolved from a long line of NSA research on such MAC systems.  
Mandatory Access Controls were originally built to enforce security clearances 
given to users for objects in the system.  SELinux takes the concept one step 
farther, applying such restrictions to almost every definable object a system could 
have.

Non SELinux systems use a Discretionary Access control system which is 
"vulnerable to tampering and bypass, and malicious or flawed applications can 
easily cause failures in system security."  This is due to the fact that actions are 
limited only by user identity and ownership, not by role.  

For example, an attacker gaining control of a program in a DAC system is 
allowed to do anything with that control, and can access anything the user the 
process runs as can access.  This is often not a good thing, as it allows the 
corrupted process to do malicious things regardless of what role the program 
originally was meant for.

SELinux policy helps solve this problem by allowing for very fine grained access 
control.  Some policies are separation policies to enforce legal and classification 
restrictions on data, containment policies to restrict process access to data and 
files, integrity policies to protect against modifications to data, and invocation 
policies to control how processes run on the system.

In order for SELinux to function on Fedora Core 3, install libselinux, selinux-
policy-strict, setools, checkpolicy, and policycoreutils rpms.  
The system-config-securitylevel and setools-gui rpms are also helpful to see 
some good examples of policies assignable to a user.  In order to compile some 
of the later examples, you will need a also need the libselinux-devel and selinux-
policy-strict-sources rpms.

SELinux accomplishes Mandatory Access Control with Flask and a "combination 
of a Type Enforcement (TE) model and a Role-Based Access Control (RBAC) 
model.