1 Implementation of Security-Enhanced Linux Yue Cui Xiang Sha Li Song CMSC 691X Project 2—Summer 02.


2. Presentation Outline
- Overview
- Security-Enhanced Linux Concept
- Installation
- Customizing the Policy

3. Overview
- What we did in this project
  - Research work on a Linux-based research operating system called Security-Enhanced Linux (SELinux)
  - Implementation of Security-Enhanced Linux
- Frequently used keywords
  - SELinux, Type Enforcement (TE), Role-based Access Control (RBAC), Policy, etc.

4. Presentation Outline
- Overview
- Security-Enhanced Linux Concept
  - SELinux vs. traditional Linux
  - Security model in SELinux
  - Benefit of SELinux’s new features
- Installation
- Customizing the Policy

5. Security-Enhanced Linux Concept
Security-Enhanced Linux (SELinux)
- is a research project by NSA
- is an implementation of a flexible and fine-grained mandatory access control (MAC) architecture called Flask in the Linux kernel
- provides general support for the enforcement of many kinds of MAC policies, including those based on the concepts of Type Enforcement, Role-based Access Control, and Multi-level Security

6. SELinux vs. traditional Linux
- SELinux enforces MAC policies that confine user programs and system servers to the minimum amount of privilege they require to do their jobs
- The ability of these user programs and system daemons to cause harm when compromised (via buffer overflow, for example) is reduced or eliminated

7. SELinux vs. traditional Linux (cont.)
- The confinement mechanism operates independently of the traditional Linux access control mechanisms
- It has no concept of a “root” super-user, and does not share the well-known shortcomings of the traditional Linux security mechanisms (such as a dependence on setuid/setgid binaries)

8. SELinux vs. traditional Linux (cont.)
- The security of an unmodified Linux
  - Depends on the correctness of the kernel, all the privileged applications, and each of their configurations
  - A problem in any one of these areas may allow the compromise of the entire system
- The security of SELinux
  - Depends on the correctness of the kernel and its security policy configuration
  - While problems may allow the limited compromise of individual user programs and system daemons, they do not pose a threat to the security of other user programs and system daemons or to the security of the system as a whole

9. Security Model in SELinux
- Type Enforcement (TE) model
  - Provides fine-grained control over processes and objects in the system
- Role-Based Access Control (RBAC) model
  - Provides a higher level of abstraction to simplify user management

10. TE model
Traditional TE model
- Binds a security attribute called a domain to each process and a type to each object
- Treats all processes in the same domain identically and all objects that have the same type identically
- A pair of access matrices specify how domains can access types and how domains can interact with other domains
- Each user is authorized to operate in certain domains

11. TE model
SELinux TE model
- Uses a single type attribute in the security context for both processes and objects
- Uses the security class information provided by the Flask architecture
- Does not directly associate users with domains; uses RBAC model to provide an additional layer of abstraction between users and domains
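
The TE decision described on slides 10 and 11, as an added example that is not part of the original presentation: one matrix keyed by (source type, target type, security class) covers both domain-to-type and domain-to-domain access. The rules, the `MODIFY` permission set and the function names are constructed for illustration; the `allow` statement form is assumed from SELinux policy syntax.

```python
import re

# Constructed rules in the 'allow source_type target_type:class { perms };' form
# (statement form assumed from SELinux policy syntax; not the example policy's rules).
RULES = """
allow getty_t etc_t:file { read getattr };
allow getty_t tmp_t:file { create read write };
allow sysadm_t etc_t:file { read write getattr };
allow sysadm_t getty_t:process { signal };
"""
MODIFY = {"write", "append", "create", "unlink", "setattr"}  # assumed permission names

def load_matrix(text):
    """Build one access matrix keyed by (source type, target type, class)."""
    pat = re.compile(r"allow\s+(\S+)\s+(\S+):(\S+)\s+\{([^}]*)\}\s*;")
    matrix = {}
    for src, tgt, cls, perms in pat.findall(text):
        matrix.setdefault((src, tgt, cls), set()).update(perms.split())
    return matrix

def allowed(matrix, scontext, tcontext, cls, perm):
    """TE decision on user:role:type contexts: only the type fields and the
    security class are consulted, and anything not listed is denied."""
    stype, ttype = scontext.split(":")[2], tcontext.split(":")[2]
    return perm in matrix.get((stype, ttype, cls), set())

def can_modify(matrix, domain):
    """Types a process in `domain` could tamper with if it were compromised."""
    return sorted({(tgt, cls) for (src, tgt, cls), perms in matrix.items()
                   if src == domain and perms & MODIFY})

if __name__ == "__main__":
    m = load_matrix(RULES)
    # The user field does not matter: a root-owned getty is still confined to getty_t.
    print(allowed(m, "root:system_r:getty_t", "system_u:object_r:etc_t", "file", "write"))
    print(allowed(m, "root:sysadm_r:sysadm_t", "system_u:object_r:etc_t", "file", "write"))
    print(can_modify(m, "getty_t"))
```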

12. RBAC model
- Traditional RBAC model
  - authorizes users to act in certain roles and assigns a set of permissions to each role
- SELinux RBAC model
  - authorizes each user for a set of roles, each role for a set of TE domains
  - maintains a role attribute in the security context of each process

13. Benefit of SELinux’s new features
SELinux’s new features are designed to
- Enforce the separation of information based on confidentiality and integrity requirements
- Prevent processes from reading data and programs, tampering with data and programs, executing untrustworthy programs, or interfering with other processes in violation of the system security policy

14. Installation
- Where to get the copy?
  - Free download from http://www.nsa.gov/selinux/
- Components of SELinux Distribution
  - Patches to the Linux kernel (based on kernel 2.4.18)
  - Patches to a number of standard tools and utilities, support files, and documentation

15. Installation
- Need to have an existing Red Hat Linux
  - Red Hat 7.2 or later will be better
  - SELinux does not provide a modified xdm/gdm/kdm to set the security context for the user session
- Environment we use: Red Hat 7.3

16. Installation
- Download the installation package (lsm-2.4-selinux-2002053110.tgz)
- Unzip the file; we got two folders: /lsm2.4 and /selinux
- The quick installation steps are as follows

17. Installation
- Edit policy/users for your users
  - Be sure to authorize at least one user for the system administrator role (sysadm_r)
- Edit the default_context and cron_context files in utils/appconfig for your users
  - A security context has the syntax user:role:domain or user:role:type
  - e.g. root:sysadm_r:sysadm_t or root:user_r:user_t

18. Installation
- Edit policy/file_contexts/{types.fc,program/*.fc} for your site
  - Check the pathnames against your file system layout
- Ensure that your current configuration is not set up to run an X Display Manager (xdm, gdm, kdm)
  - The default runlevel specified in /etc/inittab should be runlevel 3 (Full multiuser mode)

19. Installation
- Perform the quick install
    make quickinstall
  - When the kernel configuration menu is displayed, configure the kernel for your hardware as appropriate
- Configure your boot manager to boot the SELinux kernel
  - e.g. if you use the LILO boot manager, configure /etc/lilo.conf, and run /sbin/lilo

20. Installation
- Boot the SELinux kernel and log in in the sysadm_r role and sysadm_t domain (e.g. using “root”)
- Run setfiles again to ensure that files created by the old kernel during the shutdown are properly labeled
    cd policy
    make relabel
- Add /usr/local/selinux/bin and /usr/local/selinux/sbin to your path for the modified utilities

21. Installation
After installation, we can try the following commands to see if it is installed correctly
- ps -e --context
  - The second column should show the security context of each process
  - Has the syntax user:role:domain or user:role:type
- ls --context /
  - The fourth column should show the security context of each file or directory in /

22. Installation
ps -e --context

    PID  SID  CONTEXT                          COMMAND
    1    7    system_u:system_r:init_t         init [3]
    2    7    system_r:system_r:init_t         [keventd]
    ...
    855  245  system_u:system_r:local_login_t  login --root
    856  244  system_u:system_r:getty_t        /sbin/mingetty tty2
    857  244  system_u:system_r:getty_t        /sbin/mingetty tty3
    858  244  system_u:system_r:getty_t        /sbin/mingetty tty4
    859  244  system_u:system_r:getty_t        /sbin/mingetty tty5
    860  244  system_u:system_r:getty_t        /sbin/mingetty tty6
    863  246  root:sysadm_r:sysadm_t           -bash
    910  246  root:sysadm_r:sysadm_t           ps -e --context

23. Installation
ls --context /

    drwxr-xr-x  root  root  system_u:object_r:bin_t          bin
    drwxr-xr-x  root  root  system_u:object_r:boot_t         boot
    drwxr-xr-x  root  root  system_u:object_r:device_t       dev
    drwxr-xr-x  root  root  system_u:object_r:etc_t          etc
    drwxr-xr-x  root  root  system_u:object_r:user_home_t    home
    drwxr-xr-x  root  root  system_u:object_r:file_t         initrd
    drwxr-xr-x  root  root  system_u:object_r:lib_t          lib
    drwxr-xr-x  root  root  system_u:object_r:lost_found_t   lost+found
    drwxr-xr-x  root  root  system_u:object_r:file_t         misc
    drwxr-xr-x  root  root  system_u:object_r:file_t         mnt
    drwxr-xr-x  root  root  system_u:object_r:file_t         opt
    dr-xr-xr-x  root  root  system_u:object_r:proc_t         proc
    drwxr-x---  root  root  system_u:object_r:sysadm_home_t  root
    drwxr-xr-x  root  root  system_u:object_r:sbin_t         sbin
    drwxrwxrwx  root  root  system_u:object_r:tmp_t          tmp
    drwxr-xr-x  root  root  system_u:object_r:usr_t          usr
    drwxr-xr-x  root  root  system_u:object_r:var_t          var

24. Customizing the policy
What we can do
- Adding users
- Adding permissions
- Adding programs to an existing domain
- Creating a new domain
- Creating a new type
- Creating a new role

25. Customizing the policy
Adding users
- If we want to add a user steve to the system who should be authorized for both the user_r and sysadm_r roles:
  - Add an entry to the policy/users file:
      user steve roles { user_r sysadm_r };
  - Run make load to reload the policy

26. Customizing the policy
Adding programs to an existing domain
- Locate an appropriate domain by
  - examining the existing program domains under policy/domains/program
  - examining how existing programs are associated with the executable types for those domains in policy/file_contexts/program
- Relabel the program by
    # make relabel

27. Customizing the policy
Creating a new role
- Create a new domain to be used as the initial login domain for the role
- Define role declaration in policy/rbac
- Reload the policy
    # make load
- Add an entry for the role in /etc/security/default_type
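
A check that ties the user:role:type context syntax from the installation slides to the policy/users entry and the role declaration in policy/rbac, as an added example that is not part of the original presentation: it audits `ps -e --context` rows against the user-to-role and role-to-domain authorizations. All sample data is constructed, the function names are hypothetical, and the `user ... roles` and `role ... types` statement forms are assumed from the example policy.

```python
import re

# Constructed sample input; statement forms assumed from the example policy.
USERS = """user system_u roles system_r;
user root roles { user_r sysadm_r };
user steve roles { user_r sysadm_r };"""          # policy/users
RBAC = """role system_r types { init_t getty_t local_login_t };
role sysadm_r types sysadm_t;
role user_r types user_t;"""                      # policy/rbac
PS_OUTPUT = """PID SID CONTEXT COMMAND
1 7 system_u:system_r:init_t init [3]
863 246 root:sysadm_r:sysadm_t -bash
900 250 steve:system_r:init_t ./rogue
901 251 steve:user_r:sysadm_t -bash
902 252 bob:user_r:user_t -bash"""                # ps -e --context

def parse_map(text, keyword, attr):
    """Parse '<keyword> NAME <attr> X;' and '<keyword> NAME <attr> { X Y };'."""
    pat = re.compile(rf"^\s*{keyword}\s+(\S+)\s+{attr}\s+\{{?([^}};]*)\}}?\s*;", re.M)
    table = {}
    for name, body in pat.findall(text):
        table.setdefault(name, set()).update(body.split())
    return table

def check_context(context, user_roles, role_types):
    """Return None if user:role:type satisfies the RBAC model, else a reason."""
    parts = context.split(":")
    if len(parts) != 3:
        return "malformed context"
    user, role, typ = parts
    if role not in user_roles.get(user, ()):
        return f"user {user} is not authorized for role {role}"
    if typ not in role_types.get(role, ()):
        return f"role {role} is not authorized for domain {typ}"
    return None

def audit(ps_text, users_text, rbac_text):
    """Check each process row of 'ps -e --context'; return (pid, reason) findings."""
    user_roles = parse_map(users_text, "user", "roles")
    role_types = parse_map(rbac_text, "role", "types")
    findings = []
    for line in ps_text.splitlines()[1:]:         # skip the header row
        pid, _sid, context = line.split(None, 3)[:3]
        reason = check_context(context, user_roles, role_types)
        if reason:
            findings.append((int(pid), reason))
    return findings

if __name__ == "__main__":
    print(*audit(PS_OUTPUT, USERS, RBAC), sep="\n")
```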

28. References
- SELinux installation help
- Stephen Smalley, “Configuring the SELinux Policy”, 2002
- Stephen Smalley and Timothy Fraser, “A Security Policy Configuration for the Security-Enhanced Linux”, 2001
- http://www.nsa.gov/selinux

29. Questions? Thank You!

