Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
9 Cards in this Set
- Front
- Back
What does the "SE" stand for in SELinux?
|
"Security Enhanced" Linux
|
|
What type of access control model does SELinux provide?
|
Mandatory Access Control (MAC). Augments the Discretionary Access Control (DAC) model in Linux.
|
|
What are the three (3) policies that Red Hat provides with SELinux
|
targeted, strict, and mls
|
|
What command can be used to check the status of SELinux?
|
/usr/sbin/sestatus
|
|
What does this rule mean:
"allow Source Target:Class Permission;"? |
grant Permission to a process of domain (type) Source on objects of type Target and class Class
|
|
allow unconfined_t mytype_t:file read ;
|
* ... which means ``allow processes in domain (type) unconfined_t read permission on files of type mytype_t''
* There is no need to write permission rules from scratch * audit2allow will do most of the work for us * It's extremely important to understand what the rules say |
|
type_transition Source Target:Class new_type;
|
"any object of class Class, which is created by a process in the domain (type) Source, and would by default get the type Target, will get the type new_type instead''
|
|
type_transition sshd_t tmp_t:file sshd_tmp_t;
|
... which means that if a process running in the sshd_t domain (most likely the ssh deamon) creates a plain regular file which should have gotten the tmp_t type (most likely because it's in the /tmp directory), it should get the sshd_tmp_t instead.
|
|
What is an SELinux module?
|
* Just another bunch of declarations and rules injected into the kernel
* Can be unloaded * Usually covers the security rules for a certain application |