next up previous contents
Next: Device Types Up: General Types Previous: General Types   Contents


Security Types

The security.te file contains declarations for types defined for new security objects introduced by Flask. The security server type, security_t, is used to control the ability to use most of the new security server system calls. The policy configuration grants every domain permissions to obtain SIDs for contexts and to get the list of active SIDs. The permission to obtain a context for a SID is based on the type associated with the particular SID rather than using the generic security_t type. The policy configuration grants every domain this permission to every type, so the ability to obtain the security context associated with any SID is also unrestricted.

The policy configuration type, policy_config_t, is used to control access to the compiled policy configuration file (/ss_policy). The permission to load a new policy configuration on an operational system is also based on this type. This type can only be modified by the administrator. Stronger integrity protection could be provided by only allowing this type to be created or modified by the administrator through a specific program. Such a program could also require reauthentication to ensure that the policy configuration is not rewritten without user consent. Permission to load a new policy configuration is only granted between the administrator domain and this type.

The policy source type, policy_src_t, is used to control access to the policy configuration source files. This type can only be modified by the administrator. Since these source files have no standard location, the file_contexts configuration should be customized by each site to set the location of the policy configuration sources prior to relabeling the file system.

The file labels type, file_labels_t, is used to control access to the persistent label mapping stored in each file system. The mapping files are in the ...security subdirectory at the root of each file system. This type can only be modified by the administrator. As with the policy configuration type, it might be desirable to provide stronger integrity protection for this type.

The inaccessible type, no_access_t, is a general type for files that are only accessible by administrators. This type is not currently used in the file context configuration.


next up previous contents
Next: Device Types Up: General Types Previous: General Types   Contents