Unread 05-11-2008, 04:37 PM
sl4shd0t
Posts: n/a
  #1  
Default How the NSA Took Linux To the Next Level

An anonymous reader brings us IBM Developerworks' recent analysis of how the NSA built SELinux to withstand attacks. The article shows us some of the relevant kernel architecture and compares SELinux to a few other approaches. We've discussed SELinux in the past. Quoting: "If you have a program that responds to socket requests but doesn't need to access the file system, then that program should be able to listen on a given socket but not have access to the file system. That way, if the program is exploited in some way, its access is explicitly minimized. This type of control is called mandatory access control (MAC). Another approach to controlling access is role-based access control (RBAC). In RBAC, permissions are provided based on roles that are granted by the security system. The concept of a role differs from that of a traditional group in that a group represents one or more users. A role can represent multiple users, but it also represents the permissions that a set of users can perform. SELinux adds both MAC and RBAC to the GNU/Linux operating system."http://developers.slashdot.org/slash.../05/11/1524236
Read more of this story at Slashdot.
http://rss.slashdot.org/~a/Slashdot/...opers?i=d7Y7bF</img>


More...
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 09:35 AM.


Powered by vBulletin® Version 3.0.1
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.