Flylib.com
SELinux by Example: Using Security Enhanced Linux
SELinux by Example: Using Security Enhanced Linux
ISBN: 0131963694
EAN: 2147483647
Year: 2007
Pages: 154
Authors:
Frank Mayer
,
Karl MacMillan
,
David Caplan
BUY ON AMAZON
SELinux by Example: Using Security Enhanced Linux
Table of Contents
Copyright
Prentice Hall Open Source Software Development Series
Acknowledgments
About the Authors
Preface
Part I: SELinux Overview
Chapter 1. Background
Section 1.1. The Inevitability of Software Failure
Section 1.2. The Evolution of Access Control Security in Operating Systems
Section 1.3. Summary
Exercises
Chapter 2. Concepts
Section 2.1. Security Contexts for Type Enforcement
Section 2.2. Type Enforcement Access Control
Section 2.3. The Role of Roles
Section 2.4. Multilevel Security in SELinux
Section 2.5. SELinux Features Familiarization
Section 2.6. Summary
Exercises
Chapter 3. Architecture
Section 3.1. The Kernel Architecture
Section 3.2. Userspace Object Managers
Section 3.3. SELinux Policy Language
Section 3.4. Summary
Exercises
Part II: SELinux Policy Language
Chapter 4. Object Classes and Permissions
Section 4.1. Purpose of Object Classes in SELinux
Section 4.2. Defining Object Classes in SELinux Policy
Section 4.3. Available Object Classes
Section 4.4. Object Class Permission Examples
Section 4.5. Exploring Object Classes with Apol
Section 4.6. Summary
Exercises
Chapter 5. Type Enforcement
Section 5.1. Type Enforcement
Section 5.2. Types, Attributes, and Aliases
Section 5.3. Access Vector Rules
Section 5.4. Type Rules
Section 5.5. Exploring Type Enforcement Rules with Apol
Section 5.6. Summary
Exercises
Chapter 6. Roles and Users
Section 6.1. Role-Based Access Control in SELinux
Section 6.2. Roles and Role Statements
Section 6.3. Users and User Statements
Section 6.4. Exploring Roles and Users with Apol
Section 6.5. Summary
Exercises
Chapter 7. Constraints
Section 7.1. A Closer Look at the Access Decision Algorithm
Section 7.2. Constrain Statement
Section 7.3. Label Transition Constraints
Section 7.4. Summary
Exercises
Chapter 8. Multilevel Security
Section 8.1. Multilevel Security Constraints
Section 8.2. Security Contexts with MLS
Section 8.3. MLS Constraints
Section 8.4. Other Impacts of MLS
Section 8.5. Summary
Exercises
Chapter 9. Conditional Policies
Section 9.1. Overview of Conditional Policies
Section 9.2. Boolean Variables
Section 9.3. Conditional Statements
Section 9.4. Examining Booleans and Conditional Policies with Apol
Section 9.5. Summary
Exercises
Chapter 10. Object Labeling
Section 10.1. Introduction to Object Labeling
Section 10.2. File-Related Object Labeling
Section 10.3. Network and Socket Object Labeling
Section 10.4. System V IPC
Section 10.5. Miscellaneous Object Labeling
Section 10.6. Initial Security Identifiers
Section 10.7. Exploring Object Labeling with Apol
Section 10.8. Summary
Exercises
Part III: Creating and Writing SELinux Security Policies
Chapter 11. Original Example Policy
Section 11.1. Methods for Managing the Build Process
Section 11.2. Strict Example Policy
Section 11.3. Targeted Example Policy
Section 11.4. Summary
Exercises
Chapter 12. Reference Policy
Section 12.1. Goals of the Reference Policy
Section 12.2. Overview of Policy Source File Structure
Section 12.3. Design Principles
Section 12.4. Examining a Reference Policy Module
Section 12.5. Build Options for Reference Policy
Section 12.6. Summary
Exercises
Chapter 13. Managing an SELinux System
Section 13.1. SELinux Configuration and Policy Management Files
Section 13.2. Impact of SELinux on System Administration
Section 13.3. Summary
Exercises
Chapter 14. Writing Policy Modules
Section 14.1. Overview of Writing a Policy Module
Section 14.2. Preparation and Planning
Section 14.3. Creating an Initial Policy Module
Section 14.4. Testing and Analyzing the Policy
Section 14.5. Emerging Policy Development Tools
Section 14.6. Complete IRC Daemon Module Listings
Section 14.7. Summary
Appendix A. Obtaining SELinux Sample Policies
Section A.1. Example Policy
Section A.2. Reference Policy
Appendix B. Participation and Further Information
Section B.1. The SELinux Mail List
Section B.2. The Annual SELinux Symposium
Section B.3. The NSA The
Section B.4. Tresys Technology
Section B.5. Open Source Projects
Section B.6. The SELinux IRC Channel
Section B.7. The Fedora Core Site
Section B.8. Hardened Gentoo
Section B.9. Other Related Security Information
Appendix C. Object Classes and Permissions
Section C.1. Common Permission Sets
Section C.2. Object Classes and Defined Permission Sets
Appendix D. SELinux Commands and Utilities
Section D.1. System Utilities
Section D.2. SETools Suite
Section D.3. Other SELinux Tools
Index
SYMBOL
A
B
C
D
E
F
G
H
I
K
L
M
N
O
P
Q
R
S
T
U
V
W
SELinux by Example: Using Security Enhanced Linux
ISBN: 0131963694
EAN: 2147483647
Year: 2007
Pages: 154
Authors:
Frank Mayer
,
Karl MacMillan
,
David Caplan
BUY ON AMAZON
A+ Fast Pass
Domain 2 Diagnosing and Troubleshooting
Domain 4 Motherboard/Processors/Memory
Domain 5 Printers
Domain 1 Operating System Fundamentals
Domain 2 Installation, Configuration, and Upgrading
Systematic Software Testing (Artech House Computer Library)
Risk Analysis
Improving the Testing Process
Some Final Thoughts…
Appendix A Glossary of Terms
Appendix F Process Diagrams
MySQL Cookbook
Selecting Records Based on Their Temporal Characteristics
Changing a Columns Default Value
Using Dates with Missing Components
Importing XML into MySQL
Creating Forms in Scripts
Information Dashboard Design: The Effective Visual Communication of Data
A Timely Opportunity
Typical Dashboard Data
Misusing or Overusing Color
Tapping into the Power of Visual Perception
An Ideal Library of Dashboard Display Media
802.11 Wireless Networks: The Definitive Guide, Second Edition
Management Frames
User Authentication with 802.1X
The Temporal Key Integrity Protocol (TKIP)
Frequency-Hopping Transmission
11 Network Analysis Checklist
Microsoft Office Visio 2007 Step by Step (Step By Step (Microsoft))
Adding Shapes to Diagrams
Inserting Pictures into Diagrams
Key Points
Changing the Layout of Connected Shapes
Glossary
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies