Your SlideShare is downloading. ×
SELinux for Everyday SysAdmins - FISL 10
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

SELinux for Everyday SysAdmins - FISL 10

1,445
views

Published on

Palestra sobre SELinux ministrada no Forum Internacional de Software Livre - FISL 10 em junho de 2009.

Palestra sobre SELinux ministrada no Forum Internacional de Software Livre - FISL 10 em junho de 2009.

Published in: Technology, News & Politics

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,445
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
67
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. SELinux for Everyday SysAdmins Jeronimo Zucco jczucco@gmail.com Ulisses Castro ussthebug@gmail.com 10º Forum Internacional de Software Livre – FISL 2009
  • 2. Quem Somos ? ● Jeronimo Zucco: Bacharel em Ciência da Computação e Pós-Graduado em Gerência e Segurança de Redes. 11 anos de experiência com GNU/Linux. ● Ulisses Castro: Consultor, Instrutor e Pentester com ênfase em Software Livre, Hardening em Sistemas Operacionais e Banco de Dados, Mantenedor Debian (selinux-basics), OWASP: ASDR, Top Ten, CEH (Certified Ethical Hacker), LPIC-2, Desenvolvedor Python
  • 3. Incidentes de Segurança
  • 4. Contextos de Segurança ● ls -Z -rw-r--r--. root root system_u:object_r:net_conf_t:s0 /etc/resolv.conf drwxr-xr-x. jczucco jczucco unconfined_u:object_r:user_home_t:s0 Documents
  • 5. Firefox poderia ler a chave privada? ronaldo 5949 3.6 12.8 130792 32188 ? Sl 23:43 0:06 firefox-bin -rw------- 1 ronaldo admins 1671 Aug 11 23:48 id_rsa
  • 6. DAC x MAC
  • 7. Security-Enhanced Linux
  • 8. SELinux - Arquitetura
  • 9. SELinux - Elementos
  • 10. Usabilidade “...life is too short for SELinux.” (Theodore Ts’o)”
  • 11. SELinux – Política Targeted
  • 12. SELinux Management
  • 13. SeTroubleshoot
  • 14. SELinux: Possibilidades de Uso ● Labeled networking ● MLS ● Quiosque ● MCS ● Svirt ● mod_selinux ● Sandbox ● RBAC ● Android ● Sepgsql
  • 15. man -k selinux
  • 16. demo
  • 17. OBRIGADO! Ulisses Castro uss.thebug@gmail.com ulissescastro.wordpress.com Jeronimo Zucco jczucco@gmail.com jczucco.blogspot.com