OS Layers
• Applications & Userland
• Privileged User
• Kernel
• Operating System
• Hardware
What is DAC?
Discretionary access control (DAC) is a type of access control defined by the Trusted Computer System Evaluation Criteria "as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject".
DAC based systems
• Linux
• BSD
• Solaris
Please note that this does not represent an exhaustive list.
What is MAC?
In computer security, mandatory access control (MAC) refers to a type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target. In practice, a subject is usually a process or thread; objects are constructs such as files, directories, TCP/UDP ports, shared memory segments, etc. Subjects and objects each have a set of security attributes. Whenever a subject attempts to access an object, an authorization rule enforced by the operating system kernel examines these security attributes and decides whether the access can take place.
Examples for a MAC based System
• SELinux
• Trusted BSD (for BSD based systems only)
• Trusted Solaris, or what was Solaris 10
Securing a Linux distro.
• /etc/default/security
• /etc/sysctl.conf
• /etc/pam.d
• Uninstall / disable unnecessary daemons.
• Restrict root logins.
• Enable Auditing.
• Configure IP-Tables.
• Reconfigure the kernel.
• Chroot.
Please note that this does not represent an exhaustive list.
Problems persist…
• Access is based upon the user's access
• Processes can change security properties
• Standard access control is discretionary
• Privilege levels are user & root
History of SELinux
SELinux was originally a development project from the National Security Agency (NSA) and others. The NSA integrated SELinux into the Linux kernel using the Linux Security Modules (LSM) framework. The next evolution of SELinux was as a loadable kernel module for the 2.4.x series of Linux kernels. This module stored PSIDs in a normal file, and SELinux was able to support more file systems. The SELinux code was integrated upstream to the 2.6.x kernel, which has full support for LSM and has extended attributes (xattrs) in the ext3 file system. SELinux was moved to using xattrs to store security context information.
The SELinux advantage
• Ability to confine services.
• Auditing logs for reporting.
• Provides fine-grained access control.
• Provides a system-wide policy when in enforcing mode.
Please note that this does not represent an exhaustive list.
Terminal Output
Output from a Linux system
daemonology@darkstar:~$ ls -la /var/www/index.html
-rw-r--r--. 1 root root 177 2011-05-10 21:31 /var/www/index.html
Output from a SELinux system
daemonology@darkstar:~$ ls -Z /var/www/html/index.html
-rw-r--r-- username username system_u:object_r:httpd_sys_content_t /var/www/index.html
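The SELinux listing above carries both the DAC attributes (mode, owner, group) and a MAC security context. As an added example that is not part of the original slides, this Python model parses such a line and evaluates a request against both layers, showing why root passing the DAC check is no longer enough. The sample line, the single rule in TOY_POLICY and all function names are constructed for illustration and are not real SELinux policy.

```python
# Constructed sample line in the shape of the `ls -Z` output above.
SAMPLE = ("-rw-r--r-- root root "
          "system_u:object_r:httpd_sys_content_t /var/www/html/index.html")

# Toy type-enforcement rules (an assumption, not real SELinux policy):
# (subject type, object type) -> operations the policy allows.
TOY_POLICY = {("httpd_t", "httpd_sys_content_t"): {"read"}}


def parse_ls_z(line):
    """Split an `ls -Z` line into DAC fields and the SELinux context."""
    mode, owner, group, context, path = line.split(None, 4)
    fields = context.split(":")
    if len(fields) < 3:
        raise ValueError("not a user:role:type[:level] context: " + context)
    return {"mode": mode, "owner": owner, "group": group, "path": path,
            "user": fields[0], "role": fields[1], "type": fields[2],
            # An MLS/MCS level such as s0:c0.c1023 contains colons itself.
            "level": ":".join(fields[3:]) or None}


def dac_allows(entry, user, groups, op):
    """Owner/group/other check on the mode string; root bypasses it."""
    if user == "root":
        return True
    bits = entry["mode"][1:10]
    if user == entry["owner"]:
        triplet = bits[0:3]
    elif entry["group"] in groups:
        triplet = bits[3:6]
    else:
        triplet = bits[6:9]
    return {"read": "r", "write": "w"}[op] in triplet


def mac_allows(entry, subject_type, op):
    """Deny unless the policy has an allow rule for this type pair."""
    return op in TOY_POLICY.get((subject_type, entry["type"]), set())


def access(entry, user, groups, subject_type, op):
    """Both layers must agree: DAC first, then the MAC policy."""
    return (dac_allows(entry, user, groups, op)
            and mac_allows(entry, subject_type, op))


if __name__ == "__main__":
    e = parse_ls_z(SAMPLE)
    print("root write from httpd_t:", access(e, "root", [], "httpd_t", "write"))
```

In this model a root-owned process running in the httpd_t domain can read the file but cannot write it, because the toy policy has no write rule for that type pair.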