From Fedora Project Wiki
(→Feedback and Suggestions: was still too wide) |
(→Feedback and Suggestions: adding context for sugarcrm files) |
||
Line 4: | Line 4: | ||
* Is SELinux enabled by default on Debian? If not, link to appropriate information (probably found on http://wiki.debian.org/) | * Is SELinux enabled by default on Debian? If not, link to appropriate information (probably found on http://wiki.debian.org/) | ||
* Is <code>system_u:object_r:httpd_sys_content_t</code> required for all SugarCRM? | |||
Suggestions from domg472: | Suggestions from domg472: |
Revision as of 01:06, 20 July 2008
Feedback and Suggestions
Feel free to add any suggestions or corrections here. Thanks :)
- Is SELinux enabled by default on Debian? If not, link to appropriate information (probably found on http://wiki.debian.org/)
- Is
system_u:object_r:httpd_sys_content_t
required for all SugarCRM?
Suggestions from domg472:
Basic access control models ( DAC , MAC ) ( not so basic MDAC ) explain discretionary explain the dac model attributes: user group permission bits explain why dac acl is not sufficient. example privilege escalation explain the mac model attributes: security context explain mandatory explain that MAC is ACL layer on top of the DAC ACL layer explain Type enforcement explain Role Based AC explain Multi Level Security Explain Multi Category/Compartment Security compare a selinux system to a submarine with compartments. if one compartment has a leak, the water will be contained to that compartment and will not be able to spread ( escalate) . submarine will not sink Security context / SELinux attributes explain the security context tuple and how to read it (explain the fields) explain user ( which SELinux user (group) created the object? ) explain type is the attribute for type enforcement (TE) explain role is the attribute for role enforcement (RBAC) explain security level is the attribute for security level enforcement (MLS) explain categories/compartments is the attribute for security level enforcement or category/compartment enforcement (MLS or MCS) Subjects and objects ( processes and "files" ) explain that everything in a system is a object explain that even subjects in a system are represented as objects in proc mountpoint explain subjects and objects explain subjects are processes (ps auxZ) explain objects are "files" (ls -alZ) - file objects ( files , lnk files, dirs, fifo files, sock files etc) - port objects - interface objects - node objects - objects available by other programs ACE access control extension: XACE, sepostgesql, SEDBUS, mscd, etc. - explain object is a class defined in kernel :process :file :tcp_socket example of a class: process. example of a class: file explain domain type is the attribute of a process ( user_t is (user) domain type/attribute of "user" explain object type is the attribute of a object or "file". do not mistake files with file objects/file types. a "file" is any object explain that a object type can never be a scontext ( source context ) in a avc denail explain that processes (subjects) generally operate on files (objects) explain that processes (subjects) also operate on other processes (subjects) example: process ( sigchld ) if a user processes spawns a program process. explain that "files" ( objects ) do not operate. they get operated on by subjects ( processes ) explain permissions that define how to operate on subjects and objects ( classes ) are defined in the kernel and are attributes of classes explain classes and their attributes are static defined in kernel: - example of a file object class and its attributes: + file read + dir write + lnk_file getattr - example of a subject class and its attributes: + process sigchld - example of a object available by other programs ACL + dbus send_msg explain that although classes and their attributes are defined in the kernel, that one can assign "types" to subjects and objects, and that one can define policy for these types can interact using the object classes and their attributes supplied by the kernel. example: scontext/domain type/subject | tcontext/file type/object | "object" class | "object" permissions/attributes ___________________________________________________________________________________________________________________________ user_t | user_home_t | dir | getattr httpd_t | httpd_sys_content_ra_t | file | read user_t | mozilla_t | process | sigchld user_t | self | process | transition mozilla_t | httpd_port_t | tcp_socket | connect unconfined_t | cupsd_t | dbus | send_msg How to find out if selinux is supported /enabled: supported?: http://domg444.blogspot.com/2007/11/how-to-determine-if-our-system-supports.html enabled?: getenforce /selinux/config sestatus explain selinux framework and selinux policy. explain the selinux framework is responsible for enforcing policy. explain the access vector cache. perruse selinux packages ( rpm -ql ) and discuss important locations : /etc/selinux , /selinux How to disable SELinux: i refer to dwalsh blog. some highlights selinux=0 , enforcing=0, setenforce 0, system-config-selinux, semanage system-config-selinux is a GUI for semanage. semanage is THE central managing point for SELinux administration: label file objects ( semanage fcontect -a) label port objects ( semanage port -a) etc explain each optipn of semanage and system-config-selinux: label interfaces, set booleans, add , modify, delete selinux user (groups) and SELinux logins. explain translation ( requires mcstransd ) explain what mcstransd does explain what restorecond does explain auditd connection to selinux ( explain ausearch /auctl ) show some pratical examples for managing users. add a unconfined user , add a confined user , add a staff users, assign mcs categories to user (ranges) create custom selinux user groups create custom selinux logins explain booleans explain customizable types mention manual pages for targeted daemons. explain audit2allow explain audit2why explain sesearch and how you can use this to make decisions explain semodule, sestatus , restorecon , semanage, setenforce , getenforce explain limitations of chcon explain advantage of chcon explain chcat explain selinux-policy-devel ( /usr/share/selinux/devel/Makefile ) show example how to make a custom policy module explain the limitations of a policy module package explain the advantages of a policy module package explain role base access control and derrived types. explain star and selinux tar support (exmaples) important: Possible problems caused from running in permissive mode, such as having permissions to mislabel files. important: Copying Vs moving files. explain avc denials field by field. explain advantage and limitation of sealert/setroublehoot and how this relates to audit. explain file_t, unlabeled_t explain initrc_t explain unconfined_t explain sepolgen and gui explain why /tmp will not be relabled: http://domg444.blogspot.com/2007/11/why-files-with-incompatible-types-in.html read selinux by example book explain the MLS vs TARGETED explain mcs role in targetted versus mcs role in mls