Implementing SELinux as a Linux Security Module
Stephen Smalley, Chris Vance, and Wayne Salamon (NAI Labs)
Initial version: December 2001
This technical report describes the implementation of the LSM-based SELinux security module. The report begins by providing an overview of LSM and a review of the SELinux basic concepts. It then provides a summary of how the LSM-based SELinux security module differs from the original SELinux kernel patch. Several aspects of the SELinux security module are then described, including its internal architecture, its initialization code, its support for stacking with other security modules, and its approach for implementing the SELinux API. The remainder of the report is then spent documenting the SELinux hook function implementations, organized into sections for each grouping of LSM hooks.viewer application or a Web browser plug-in that supports the PDF file format.
Linux is a registered trademark of Linus Torvalds
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009