Chapter 6. Role-Based Access Control

     

Up to this point in the book, we've looked at the functions SELinux provides and the configuration files that direct its operation. However, we've merely glanced at the SELinux policy language that's used to specify the SELinux security policy. Our situation is akin to that of a 15 th or 16 th century explorer who has studied maps of the New World and dreamed of the exotic sights that may be found there but has not yet ventured to sea. In this chapter, we at last embark upon our sea voyage.

In this chapter and the following two chapters, you'll find a detailed explanation of the SELinux policy language and several related languages, such as those used to specify file and security contexts. This chapter explains the SELinux role-based access control policies, Chapter 7 explains the SELinux type-enforcement policies, and Chapter 8 explains other elements of the SELinux policy. Of course, most likely your goal is not merely to understand the SELinux policy language or SELinux security policies themselves , though such skills are useful to the SELinux system administrator. Instead, it's more likely that you want to be able to specify new and modified SELinux security policies. If that is your goal, Chapter 6 through Chapter 8 won't quite take you to the end of your voyage, though you'll make landfall near the end of Chapter 8. Then you'll be ready for Chapter 9, which explains how you can customize existing SELinux policies and implement your own policies.



SELinux. NSA's Open Source Security Enhanced Linux
Selinux: NSAs Open Source Security Enhanced Linux
ISBN: 0596007167
EAN: 2147483647
Year: 2003
Pages: 100
Authors: Bill McCarty

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net