A Security Policy Configuration for the Security-Enhanced Linux
Stephen Smalley and Timothy Fraser (NAI Labs)
First published: December 2000
The National Security Agency's Information Assurance Research Office is integrating a flexible mandatory access control architecture called Flask into the Linux operating system. The Secure Execution Environments group at NAI Labs is developing a Role-Based Access Control (RBAC) and Type Enforcement (TE) security policy configuration for Security-enhanced Linux. This report describes the current state of this security policy configuration. The report begins with an overview of the security policy configuration. It then discusses the details of the configuration for Type Enforcement, Role-Based Access Control, users, constraints, and security contexts. A separate configuration used to initially set file security contexts is then described. Finally, the report describes configuration extensions to support the installation of the system.viewer application or a Web browser plug-in that supports the PDF file format.
Linux is a registered trademark of Linus Torvalds
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009