m (starting to add content) |
m (→Security-Enhanced Linux Preface: adding content) |
||
Line 3: | Line 3: | ||
= Security-Enhanced Linux Preface = | = Security-Enhanced Linux Preface = | ||
On Linux operating systems, everything is represented as a file. For example, a hard disk can be represented as the <code>/dev/hda</code> file, and processes, such as Mozilla Firefox, are represented as files in the proc file system (<code>/proc</code>. | On Linux operating systems, everything is represented as a file. For example, a hard disk can be represented as the <code>/dev/hda</code> file, and processes, such as Mozilla Firefox, are represented as files in the proc file system (<code>/proc</code>). These files are called objects. Linux operating systems use a Discretionary Access Control (DAC) system, that defines access to these objects. Users have access to change permissions for files and directories that they own. They could, for example, make their home directory world-readable, potentially allowing access to privileged information from other users, or giving processes, such as a Web server, access to serve these files. |
Revision as of 04:20, 28 July 2008
Content Specification
Security-Enhanced Linux Preface
On Linux operating systems, everything is represented as a file. For example, a hard disk can be represented as the /dev/hda
file, and processes, such as Mozilla Firefox, are represented as files in the proc file system (/proc
). These files are called objects. Linux operating systems use a Discretionary Access Control (DAC) system, that defines access to these objects. Users have access to change permissions for files and directories that they own. They could, for example, make their home directory world-readable, potentially allowing access to privileged information from other users, or giving processes, such as a Web server, access to serve these files.