9.2 On the Topics of Difficulty and Discretion

     

The SELinux source policy is a sophisticated software system. It includes dozens of object classes, scores of defined permissions, more than 1,000 type transitions, thousands of object instances, and tens of thousands of access-vector rules. You can think of the source policy as a computer program and the security engine as a CPU that executes the translated binary form of this program. So customizing the SELinux policy is akin to performing software maintenance on a program consisting of tens of thousands of noncomment source lines.



SELinux. NSA's Open Source Security Enhanced Linux
Selinux: NSAs Open Source Security Enhanced Linux
ISBN: 0596007167
EAN: 2147483647
Year: 2003
Pages: 100
Authors: Bill McCarty

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net