Linux Security Technology Essay

1875 words - 8 pages

|Linux Security Technology | |

1. SELinux
SELinux, an implementation of Mandatory Access Control (MAC) in the Linux kernel, adds the ability to administratively define policies on all subjects (processes) and objects (devices, files, and signaled processes). This mechanism is in the Linux kernel, checking for allowed operations after standard Linux Discretionary Access Controls DAC are checked.
Security-Enhanced Linux (SELinux) is a Linux feature that provides a mechanism for supporting access control security policies, including United States Department of Defense-style ...view middle of the document...

A Linux kernel integrating SELinux enforces mandatory access-control policies that confine user programs and system servers to the minimum amount of privilege they require to do their jobs. This reduces or eliminates the ability of these programs and daemons to cause harm when compromised (via buffer overflows or misconfigurations, for example). This confinement mechanism operates independently of the traditional Linux access control mechanisms. It has no concept of a "root" super-user, and does not share the well-known shortcomings of the traditional Linux security mechanisms (such as a dependence on setuid/setgid binaries).
The security of an unmodified Linux system depends on the correctness of the kernel, all the privileged applications, and each of their configurations. A problem in any one of these areas may allow the compromise of the entire system. In contrast, the security of a modified system based on the Security-enhanced Linux kernel depends primarily on the correctness of the kernel and its security policy configuration. While problems with the correctness or configuration of applications may allow the limited compromise of individual user programs and system daemons, they do not pose a threat to the security of other user programs and system daemons or to the security of the system as a whole.
SELinux users and roles are not related to the actual system users and roles. For every current user or process, SELinux assigns a three string context consisting of a role, user name, and domain (or type). This system is more flexible than normally required: as a rule, most of the real users share the same SELinux username, and all access control is managed through the third tag, the domain. Circumstance for when the user is allowed to get into a certain domain must be configured in the policies. The command runcon allows for the launching of a process into an explicitly specified context (user, role and domain), but SELinux may deny the transition if it is not approved by the policy configuration.
Typical policy rules often consist of explicit permissions; which domains the user must possess to perform certain actions with the given target (read, execute, or, in case of network port, bind or connect), and so on. More complex mappings are also possible, involving roles and security levels. A typical policy consists of a mapping (labeling) file, a rule file, and an interface file, that define the domain transition. These three files must be compiled together with the SELinux tools to produce a single policy file. The resulting policy file can be loaded into the kernel, making it active. Loading and unloading policies does not require a reboot. The policy files are either hand written or can be generated from the more user friendly SELinux management tool. They are normally tested in permissive mode first, where violations are logged but allowed. The audit2allow tool can be used later to produce additional rules that extend the...

Other Papers Like Linux Security Technology

Homework Assignment 2.1

1186 words - 5 pages ” distributions are really distributions of GNU/Linux. 3. List and describe in detail four advantages of Linux. Applications – Linux is both free and commercial as well as a wide variety of tools: graphical, word processing, networking, security administration, Web server and many others. Flexibility - Linux can be used for high performance server applications, desktop applications, and embedded systems. You can save disk space by only installing the

Os Comparision Essay

4790 words - 20 pages , operating systems, technology platforms, Linux, innovation incentives. JEL Classification: L 10, L86, L3 1. 10.1 INTRODUCTION Open source software is an emerging type of software that may fundamentally affect the business and economic features of the software industry. Linux, an open source operating system, has been the prominent example of the potential of the open source movement, competing against Microsoft Windows, the incumbent operating

Unix Vs. Windows Server

2110 words - 9 pages than just technology, it's also attitude. It begins with the acknowledgment that security is an important issue. Security also has to permeate the business processes used to create and use software." It is understood that Unix culture values code which is useful to other programmers, while Microsoft Windows culture values code which is useful to non-programmers. For this reason, Unix and Linux have traditionally been used and developed more

Windows Linux Security

5790 words - 24 pages responds to input from the user), raising the priority of interactive and I/O bounded processes and lowering that of CPU bound processes, to increase the responsiveness of interactive applications.[8] b- Memory Management Disk (Paging) Most hard drive installations of Linux utilize a "swap partition", a partition dedicated exclusively for paging operations. This reduces slowdown due to disk fragmentation 6- Security a- Malware More than 800 pieces

Research Paper

753 words - 4 pages ? Linux offers robust security measures making it hard to be hacked. Firms running sensitive data and information could improve the security of their systems by using Linux as opposed to MS-Windows which is vulnerable to hacking (Gallaugher, 2013). Similarly the operating system is not prone to virus attacks hence making ideal to be deployed in an environment where there is a greater risk of virus infections.  The operating system may

File Management

2696 words - 11 pages main reason the MAC   has been created are to help prevent security threats to a system.   Threats from user errors, software flaws, and malicious users can be reduced by implementing MAC.   MAC will only allow the user to do the processes permitted by the policies applied. 4 The next Linux Security Technology to be discussed in this paper is chroot.   There was not a particular organization behind this security technology.   This utility was

Technical Essay

1705 words - 7 pages (2014Spring) INFO TECHNOLOGY INFRASTRUCTURE INFO-300-901-2014Spring | Technical Essay 3 | a comparative analysis | | Kym Harris | 4/26/2014 | | Introduction Microsoft Windows, Apple Macintosh, and Red Hat Linux are the most popular operating systems used today. All three platforms have pros and cons, but many users struggle to find the right OS to serve their computing needs. While Macintosh and Linux seem to be impenetrable to

Kohls Manager

2581 words - 11 pages will use the products. However the ever-changing field of technology has become more user-friendly, compatible, and more accepted in main stream than before. The main operating systems employed today are as follows: UNIX/Linux, Mac, and Windows. We will explore the various aspects of key components in these operating systems, memory, process, and file management along with the security of each system. The comparison of each system will

Contrast and Comparison of Operating Systems

3990 words - 16 pages Contrast and Comparison of Operating Systems Team B will take what we have learned from our course POS/355 Operating systems and research to compare and contrast the UNIX/Linux, Microsoft Windows, and MacOS systems. In particular we will contrast and compare the different operating systems in regards to memory management, processing, file management and security. Operating systems at the core is all about the kernel. The kernel in all of the

Operating System Analysis Paper

4124 words - 17 pages 2003, and Linux operating systems are to consider the system requirements, the different editions available, security features, system features, updates and support, user interface, and cost effectiveness. Moreover, the best fit operating system can be determined depended on the individual’s or organization’s needs. Operating System Requirements Windows XP The system requirements for Windows XP Home Edition and Professional Edition are the same

Open Source Software

2551 words - 11 pages viruses, Trojans or malware. The reason for this lies in the permission and access control of Linux systems. In order to install a virus onto a Linux system the application needs to gain administrator, or root rights. Many companies are even using Linux as their firewall system. “A standard tactic on many networks is to employ a secure Linux box as a firewall, intercepting intruders before they hit the network, and Security Enhanced Linux (SeLinux

Related Essays

Linux Essay

1010 words - 5 pages bnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnm Research Assignment 2.1 4/9/2012 Kathleen Cline | Research Assignment 2.1 Linux security technologies SELinux, chroot jail, and iptables For each security technology, explain what organization (if any) is behind it

Computer Oss Comparison Essay

1900 words - 8 pages for SMP machines” (Santhanam, 2003). These changes are what moved Linux from being just a UNIX OS for PC to a viable business operating system. Linux kernel version 2.6, which was released in December 2003, introduced the SELinux security extension, which improved the performance of this OS on the higher end machines by cleaning up the kernel codebase to allow newer feature to be integrated into the kernel such as virtualization and

Linux Security Technologies Essay

1229 words - 5 pages without having to worry about network security. When researching some Linux security technologies I have found that there are many security technologies that you can use in protecting your network. The few that I have mentioned are just the tip of the iceberg. If you want to have a secure network I think that Linux programming is where you want to be if you aren’t already. The future is always changing with technology and I think Linux has been

Linux Security Essay

448 words - 2 pages Linux Security Project Part 1 Instructor Sandro Tuccinardi Student Brian Dupee Security Policy Outline First World bank wants to provide banking services online to its customers. The institution estimates over $100,000,000 a year in online credit card transactions for loan applications and other banking services. According to a team that was formed using a Linux an open source infrastructure would roughly as