2010/2/19 Dominick Grift domg472@gmail.com:
On 02/19/2010 01:29 PM, Shintaro Fujiwara wrote:
2010/2/19 Dominick Grift domg472@gmail.com:
On 02/18/2010 10:17 PM, Shintaro Fujiwara wrote:
Hi, I 'm ready to start SELinux server in my office first time, and I want to persuade everyone how safe the SELinux server is.
How can I demonstrate administrators and my boss the advantage of SELinux comparing other servers?
SELinux play machine hit me but is too far or should I just demonstrate in a certain ocassion for certain purpose?
It depends a bit on your distro and policy model.
But generally you can demonstrate how TE enforces integrity for targeted system daemons.
If you use strict policy you can also enforce integrity for user processes. You can also demonstrate role based access control.
You can demonstrate how MCS can be useful to restrict processes access to objects.
If you use MLS model you can demonstrate enforcement of confidentiality.
I never actually connected to play machine but i gather it mapped the root Linux login to the user_u SELinux user.
Sounds great, bu if root became user_u, any other user should be id=0 ?
No, root linux login is id 0, and root is in the user_u SELinux user group.
So in practice you will end up with a restricted root.
Thanks we both awake...9 Yes, I know, but how can I configure, say semanage or anything if user id 0 (root) is restricted by SELinux ? Should I make, say user "fujiwara" id 0 also? I don't know two user can be id 0, though... Or you mean temporarily set root user_u ? That'll make sense.
There are a lot of ways to demonstrate SELinux. You could restrict a simple hello world shell script and shows what happens if you extend the script to make it do something it is not intended to do.
Same goes for webapplications. You could write a webapp and make it do something that SELinux policy does not allow it to do.
Generally TE tries to prevent privilege escalation. It restricts processes.
Yes, thanks, but I want to demonstrate how SELinux denies when web application's vulnerability exists. Say, it could not get root's priviladges.
In that case find or engineer a web application vulnerability and demonstrate how SELinux is able to prevent privilege escalation.
OK, I think I can do that. But apache has any vulnerability? Oh, we should not talk this matter..
Thanks in advance.
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux