Linux kernel security
Professor: Mahmood Ranjbar
Authors: Mohammad Heydari, Mahmood ZafarArjmand, Zohre Alihoseyni, Maryam Sabaghi


Why is the kernel important? Why is security in the kernel important?
- Everything in the operating system runs above the kernel.
- If the kernel denies an action, nothing above it can override that decision.

Access control: the most important security concept in kernel security
Access control covers:
- Access to files
- Access to ports
- Access to processes
If we secure all of the above items, almost everything is done!

Access control methods
- DAC: Discretionary Access Control
- MAC: Mandatory Access Control

DAC
    -rw-rw-r-- 1 ted ted 0 May 6 01:14 1.txt
- perm codes: -rw-rw-r--
- user: ted
- group: ted
- name: 1.txt

DAC problems
- Prone to malware/malicious software
- setuid/setgid files are vulnerable
- Access to objects (files) is based solely on user identity (uid/gid)
- The default policy is liberal
- There are only 2 user privileges: Admin and Non-Admin

MAC benefits
- More systems administration/expertise is required
- Offers more granular/fine control of security
- The ability to restrict access to objects at a lower level
- SELinux is compiled into the kernel and supported via LSMs
- Ideal for Internet-facing systems (httpd, mysqld, etc.)
- SELinux denies interaction between subjects and objects by default

Security check order
- MAC-based checks occur AFTER DAC-based checks.
- If DAC denies an access, MAC is not checked.
- MAC is only processed if DAC permits.

Security Enhanced Linux
From Wikipedia: The United States National Security Agency (NSA), the original primary developer of SELinux, released the first version to the open source development community under the GNU GPL on December 22, 2000.[3] The software merged into the mainline Linux kernel test3, released on 8 August
A Linux kernel integrating SELinux enforces mandatory access-control policies that confine user programs and system servers to the minimum amount of privilege they require to do their jobs.

Installation - CentOS
Just use yum:
    yum install selinux setools-console
    yum search selinux
    yum provides '*/semanage'

SELinux Modes
- Enforcing: policy (targeted) is applied
- Permissive: policy (targeted) is applied, but violations are simply logged
- Disabled: policy (targeted)/SELinux is DISABLED

Permissive
- Programs will still run as expected
- Violations of the security policy will appear in /var/log/audit/audit.log
- Used for troubleshooting SELinux configs
- SELinux logger agent
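An added example (not part of the original slides) of reading the denials that permissive mode leaves in /var/log/audit/audit.log: it groups AVC records by subject domain, object type, class and permission, and reports whether each was only logged or actually blocked. The sample records are constructed; records without a permissive= field (older kernels) are reported as unknown.

```shell
# Constructed sample records in audit.log AVC format (not from a real host).
sample_audit_log() {
cat <<'EOF'
type=AVC msg=audit(1400000001.101:51): avc:  denied  { getattr } for  pid=2465 comm="httpd" path="/web/index.html" dev=dm-0 ino=399185 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
type=SYSCALL msg=audit(1400000001.101:51): arch=c000003e syscall=4 success=yes exit=0 comm="httpd"
type=AVC msg=audit(1400000002.202:52): avc:  denied  { name_bind } for  pid=2470 comm="httpd" src=81 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:reserved_port_t:s0 tclass=tcp_socket
type=AVC msg=audit(1400000003.303:53): avc:  denied  { getattr } for  pid=2465 comm="httpd" path="/web/a.html" dev=dm-0 ino=399186 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
EOF
}

# Group AVC denials: "<count> <subject domain> <object type> <class> <perms> <effect>".
avc_summary() {
  awk '
    /^type=AVC / && / denied / {
      # Permission list sits between the braces; join multiple perms with commas.
      perms = $0
      sub(/^.*[{] */, "", perms); sub(/ *[}].*$/, "", perms); gsub(/ +/, ",", perms)
      src = "?"; tgt = "?"; cls = "?"; effect = "unknown"
      for (i = 1; i <= NF; i++) {
        eq = index($i, "=")
        if (eq == 0) continue
        key = substr($i, 1, eq - 1); val = substr($i, eq + 1)
        # Third field of user:role:type[:level] is the domain (subject) or type (object).
        if (key == "scontext") { split(val, c, ":"); src = c[3] }
        else if (key == "tcontext") { split(val, c, ":"); tgt = c[3] }
        else if (key == "tclass") cls = val
        else if (key == "permissive") effect = (val == "1") ? "logged-only" : "blocked"
      }
      count[src " " tgt " " cls " " perms " " effect]++
    }
    END { for (k in count) print count[k], k }
  ' | sort
}

sample_audit_log | avc_summary
```

On a real host the same function can be fed with `avc_summary < /var/log/audit/audit.log`.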

Objects and Subjects
Objects on the system are abstracted into 2 classes:
- Subjects: users, processes
- Objects: files (text/binary/sockets/)

Exploring common tools
- sestatus (-v)
- setenforce
- /selinux
- setsebool (-P)
- getsebool
- restorecon
- chcon

Exploring common tools - sestatus
- Displays current status
- -v for verbose mode
    SELinux status:                 enabled
    SELinuxfs mount:                /selinux
    Current mode:                   permissive
    Mode from config file:          enforcing
    Policy version:                 24
    Policy from config file:        targeted

setenforce / getenforce
- Gets or sets the enforcing mode
- Changes are not persistent
- In /etc/selinux/config the enforcing mode can be defined persistently

/selinux
- A /proc-like (virtual) file system that maintains SELinux information
- All information about the current status of the running SELinux can be found here, just as files
- Example: /selinux/enforce when changing the enforcing mode

getsebool
- Lists Booleans that can be set in SELinux
- Use -a to see all available Booleans

setsebool
- Sets Boolean values for SELinux
- Use -P to make changes persistent
- Example:
    setsebool httpd_can_network_connect on
- To prevent Linux users in the user_t domain from executing applications in their home directories and /tmp/:
    /usr/sbin/setsebool -P allow_user_exec_content off

[Command] -Z
- ps -Z: reveals the various sandboxes/domains (subjects)
- ls -Z: reveals the security context of files/directories (objects)
- cp -Z: a new file with a NEW security context (type) is created
- mv -Z: preserves the SELinux security tuple/context/label
- id -Z: reveals the current security context of the user (tuple)

id -Z
SEuser:SErole:SEtype
Field/Degree #1 - User Label:
- Non-privileged user: user_u
- Privileged user (root): system_u
Field/Degree #2 - RBAC (Role-Based Access Control):
- Privileged/Non-privileged users: unconfined_r
- Privileged user (root): system_r
Field/Degree #3 - Type (objects (files)) / Domain (subjects (programs/users)):
- Privileged/Non-privileged users: unconfined_t
- Processes, e.g. httpd: httpd_t, dhcpd_t

chcon
The 'chcon' command may be used to change the SELinux security context of a file or files/directories, in a similar way to how 'chown' or 'chmod' may be used to change the ownership or standard file permissions of a file.

restorecon
The 'restorecon' command may be used to restore the default SELinux security contexts of file(s).
I don't want to change the type by hand.

Extended attributes
On a typical Linux disk-based file system, each file is identified uniquely by an inode containing critical metadata for the file, including UNIX ownership and access control information. When the kernel references a file, its inode is read from disk into memory. A standard UNIX permission check simply uses the information present within the inode. SELinux extends standard UNIX security and uses security context labels to make extended access control decisions.

Label behavior during cp, mv and file creation
- A file is created with its parent's metadata
- cp works like file creation
- mv just changes the parent

Roles
- ALL objects (files) MUST be properly labeled
- Files that are improperly labeled will NOT be protected
- Roles define which SELinux user identities can have access to what domains
- For example, the domains named_t and squid_t are both in the role system_r. However, named_t cannot transition to squid_t without an allow rule

Role example
View SELinux user mappings:
    $ semanage user -l
Allow joe to log in as staff_u:
    $ semanage login -a -s staff_u joe
Add a file context for everything under /web (used by restorecon):
    $ semanage fcontext -a -t httpd_sys_content_t '/web(/.*)?'
Allow Apache to listen on port 81:
    $ semanage port -a -t http_port_t -p tcp 81

Add role example
    semanage fcontext -a -t httpd_user_content_t '/path/to/mediawiki/install(/.*)?'
    semanage fcontext -a -t httpd_user_script_exec_t '/path/to/mediawiki/install/.*\.php5?'
    semanage fcontext -a -t httpd_user_script_exec_t '/path/to/mediawiki/install/includes/.*\.php5?'
    semanage fcontext -a -t httpd_user_script_rw_t '/path/to/mediawiki/install/images(/.*)?'
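An added example (not part of the original slides) that models how the four file-context patterns above, with `\.php5?` as the script suffix, resolve to a type for a given path, and flags files whose current label differs, which is what restorecon would correct. It assumes a simplified model in which each pattern must match the whole path and the rule added last wins; the labelled file list is constructed.

```shell
# The slide's rules in the order they are added: "<regex> <type>".
fcontext_rules() {
cat <<'EOF'
/path/to/mediawiki/install(/.*)? httpd_user_content_t
/path/to/mediawiki/install/.*\.php5? httpd_user_script_exec_t
/path/to/mediawiki/install/includes/.*\.php5? httpd_user_script_exec_t
/path/to/mediawiki/install/images(/.*)? httpd_user_script_rw_t
EOF
}

# Print the type the rules assign to a path (assumed model: full-path match,
# last matching rule wins), or "<<none>>" when no rule covers the path.
expected_type() {
  path=$1
  fcontext_rules | {
    result='<<none>>'
    while read -r regex type; do
      if printf '%s\n' "$path" | grep -Eqx -- "$regex"; then
        result=$type
      fi
    done
    printf '%s\n' "$result"
  }
}

# Constructed "<current type> <path>" pairs, as ls -Z would show them.
sample_labels() {
cat <<'EOF'
httpd_user_script_exec_t /path/to/mediawiki/install/index.php
user_home_t /path/to/mediawiki/install/LocalSettings.php
httpd_user_script_rw_t /path/to/mediawiki/install/images/logo.png
EOF
}

# Report files whose current label differs from what the rules assign.
mislabeled() {
  while read -r actual path; do
    want=$(expected_type "$path")
    [ "$actual" = "$want" ] || printf '%s has %s, rules say %s\n' "$path" "$actual" "$want"
  done
}

sample_labels | mislabeled
```

Under this model a .php file placed in images/ resolves to httpd_user_script_rw_t rather than httpd_user_script_exec_t, because the images rule is added after the script rules.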