Tuesday, 17 July 2007

SELinux & Access Controls - 1

There are two types of access control:

  • Discretionary Access Control (DAC)
In DAC systems, every object in the system has an owner, who initially created the object. The access policy for the object is determined by its owner. The owner decides who is allowed access to the object and what privileges they have.
  • Mandatory Access Control (MAC)
In this access control type, the policy is determined by the system, not the owner. MAC is used in multilevel systems that process highly sensitive data, such as classified government and military information. A multilevel system is a single computer system that handles multiple classification levels between subjects and objects.

The access control models that can be used are:
  • Lattice Models
  • Bell-LaPadula Model
  • Biba Model
  • Take-Grant Model
  • Clark-Wilson Model
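
The difference between the two access control types, as an added example that is not part of the original post: a small Python model in which the owner grants access through an ACL (DAC) while the system enforces classification labels (MAC). It goes beyond the post by using the Bell-LaPadula rules (no read up, no write down) as the system-wide policy; the class, function names, users and labels are all constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed classification levels for a multilevel system (higher = more sensitive).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}

@dataclass
class Obj:
    name: str
    owner: str
    level: str                                # MAC label, assigned by the system
    acl: dict = field(default_factory=dict)   # DAC: user -> set of permissions

def dac_grant(obj, requester, user, perms):
    """DAC: only the owner may change who has access to the object."""
    if requester != obj.owner:
        raise PermissionError(f"{requester} does not own {obj.name}")
    obj.acl.setdefault(user, set()).update(perms)

def dac_allows(obj, user, perm):
    """DAC decision: the owner has full access; others need an ACL entry."""
    return user == obj.owner or perm in obj.acl.get(user, set())

def mac_allows(clearance, obj, perm):
    """MAC decision (Bell-LaPadula): no read up, no write down."""
    subj, objl = LEVELS[clearance], LEVELS[obj.level]
    return {"read": subj >= objl, "write": subj <= objl}.get(perm, False)

def access(obj, user, clearance, perm):
    """Both checks must pass; the owner's ACL cannot override the MAC policy."""
    return dac_allows(obj, user, perm) and mac_allows(clearance, obj, perm)

def demo():
    clearances = {"alice": "secret", "bob": "confidential"}   # constructed users
    report = Obj("report.txt", owner="alice", level="secret")
    dac_grant(report, "alice", "bob", {"read", "write"})      # owner's discretion
    return {
        "dac_read": dac_allows(report, "bob", "read"),
        "mac_read": mac_allows(clearances["bob"], report, "read"),
        "final_read": access(report, "bob", clearances["bob"], "read"),
        "final_write": access(report, "bob", clearances["bob"], "write"),
    }

if __name__ == "__main__":
    print(demo())
```

Bob's read is denied even though the owner granted it, because the system-wide label check is made independently of the owner's ACL.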
Well, what is the objective of all this talk? It is an introduction to SELinux (RBAC). Today I faced a big problem when I tried to load a module in the kernel, and when I rebooted the machine it didn't start up. I solved the problem by disabling SELinux from the kernel, and the machine started up again. So I decided to understand SELinux well. I used to work with it with the default settings and policy, but today I found it is very important to understand it better and give it more attention. I collected good materials, and I hope that within this week I can put what I got in a simple way on this blog.

Reference: Wikipedia

1 comment:

Anonymous said...

Have you got the materials? I'm really interested in finding good white papers on SELinux, it gave me headaches and I had to disable it although I'm sure it is very helpful.

Thanks,