Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Operating Systems

Published byBuddy Hood Modified over 9 years ago

Similar presentations

Presentation on theme: "Secure Operating Systems"— Presentation transcript:

1 Secure Operating Systems
Lesson D: SELinux

2 Where are we? We just studied Linux security features… but it appears we can go one better: SELinux

3 SELinux: History Developed by the NSA, and open sourced in 2000
Basically, it’s not as exciting as it sounds – leverages LSM to provide for MAC

4 Linux Security Modules
If you were designing changes to support security to the Linux kernel what design paradigm would you pick and why? Pluggable modules – double edged Great for adding flexible security Horrible, as they allow rootkits easy access to the kernel

5 Components The SELinux Reference Monitor
Trusted services for administration General trusted services

6 The Reference Monitor Doesn’t just apply to users and files – can include sockets etc. Uses LSM hooks to determine authorization Example: file access Kernel decides based on inode (ultimately) Subject, object, operation model (who, where, what, kind of…)

7 Context/relationship
User Role 1 Context A Context B Context C Role 2 Context D Context E

8 Type Enforcement The combination of TE and MLS is powerful in SELinux…
Rule: allow <subject> <object>: <obj class> <ops> Rule: allow user_t bin_t : file {execute getattr}; Means: a process with a domain of user_t can execute and get the attributes of a file with a type of bin_t SELinux is default deny environment TE is VERY powerful… perhaps we should do a class on it?

9 Labels All of the above relies on labels (like user_t)
Can define for files based on location Labels inherited from parents (i.e. file gets label from parent directory) Can create rules that override default labeling using type_transition rules

10 SELinux – Transition state
Can change label at execution time Better that setuid: Transition to a specified label not a whole user (e.g. setuid root) Limits who/what can execute our transition (anyone can call a setuid root program, not true for SELinux) Reminiscent of Multics (hello Hilary) ring bracketing but much finer grained

11 Administration Yow… as you can imagine, this can be gnarly
Can enforce least privilege for services – very handy! Typically, you don’t do this yourself; there’s plenty of books on this topic! What happens to “root” under SELinux?

12 SELinux Trusted Programs
Some applications – like X server – need to be customized to work in SELinux properly. Of course, there’s a bunch of trusted programs too (like passwd or init)

13 Verification? Complete Mediation? Tamperproof? Verifiable?
Yes! Designed to mediate all access according to TE etc. Should mitigate TOCTOU Tamperproof? Modules run in Ring 0 (huh… didn’t we talk about this?) Verifiable? Kind of

14 Things to Do Take a look at “Securing Android-Powered Mobile Devices Using SELinux” Easy read, lots of good information!

15 Questions & Comments What do you want to know?

Download ppt "Secure Operating Systems"

Similar presentations

Operating System Security

Operating System Security
JENNIS SHRESTHA CSC 345 April 22, 2014. Contents Introduction History Flux Advanced Security Kernel Mandatory Access Control Policies MAC Vs DAC Features.

JENNIS SHRESTHA CSC 345 April 22, Contents Introduction History Flux Advanced Security Kernel Mandatory Access Control Policies MAC Vs DAC Features.
Chapter 3 Multics. Chapter Overview Multics contribution to technology Multics History Multics System – Fundamentals – Security Fundamentals – Protection.

Chapter 3 Multics. Chapter Overview Multics contribution to technology Multics History Multics System – Fundamentals – Security Fundamentals – Protection.
Chapter 4 Security in Ordinary Operating Systems

Chapter 4 Security in Ordinary Operating Systems
Secure Operating Systems Lesson 9: Multics. Where are we?  We now know all the background… so it’s time to figure out why Dr. Ford likes Multics so very.

Secure Operating Systems Lesson 9: Multics. Where are we?  We now know all the background… so it’s time to figure out why Dr. Ford likes Multics so very.
Chapter 6 Security Kernels.

Chapter 6 Security Kernels.
Secure Operating Systems Lesson 10: SCOMP. Where are we?  Multics is busy being explored, which is kind of cool…  But Multics wasn’t the end of custom.

Secure Operating Systems Lesson 10: SCOMP. Where are we?  Multics is busy being explored, which is kind of cool…  But Multics wasn’t the end of custom.
By: Arpit Pandey SELINUX (SECURITY-ENHANCED LINUX)

By: Arpit Pandey SELINUX (SECURITY-ENHANCED LINUX)
Chapter 9 Building a Secure Operating System for Linux.

Chapter 9 Building a Secure Operating System for Linux.
SELinux (Security Enhanced Linux) By: Corey McClurg.

SELinux (Security Enhanced Linux) By: Corey McClurg.
Security-Enhanced Linux Joseph A LaConte CS 522 December 8, 2004.

Security-Enhanced Linux Joseph A LaConte CS 522 December 8, 2004.
Security Improvements in Linux Using Capabilities

Security Improvements in Linux Using Capabilities
Chapter 2 Access Control Fundamentals. Chapter Overview Protection Systems Mandatory Protection Systems Reference Monitors Definition of a Secure Operating.

Chapter 2 Access Control Fundamentals. Chapter Overview Protection Systems Mandatory Protection Systems Reference Monitors Definition of a Secure Operating.
Lecture 7 Access Control

Lecture 7 Access Control
SELinux. 2SELinux Wikipedia says: Security-Enhanced Linux (SELinux) is an implementation of mandatory access control using Linux Security Modules (LSM)

SELinux. 2SELinux Wikipedia says: Security-Enhanced Linux (SELinux) is an implementation of mandatory access control using Linux Security Modules (LSM)
Linux Security.

Linux Security.
ADVANCED LINUX SECURITY. Abstract : Using mandatory access control greatly increases the security of an operating system. SELinux, which is an implementation.

ADVANCED LINUX SECURITY. Abstract : Using mandatory access control greatly increases the security of an operating system. SELinux, which is an implementation.
CS-550 (M.Soneru): Protection and Security - 2 [SaS] 1 Protection and Security - 2.

CS-550 (M.Soneru): Protection and Security - 2 [SaS] 1 Protection and Security - 2.
Security-Enhanced Linux & Linux Security Module The George Washington University CS297 Programming Language & Security YU-HAO HU.

Security-Enhanced Linux & Linux Security Module The George Washington University CS297 Programming Language & Security YU-HAO HU.
Computer Security & OS Lab. DKU May 26 Younsik Jeong Ph.D. Student.

Computer Security & OS Lab. DKU May 26 Younsik Jeong Ph.D. Student.

Similar presentations

Ads by Google