From Fedora Project Wiki
(→Targeted Policy Overview: note about the single role) |
|||
| Line 25: | Line 25: | ||
* Users and roles: user_u, user_r, system_r, and so on. | * Users and roles: user_u, user_r, system_r, and so on. | ||
When using targeted policy, domains run as the <code>system_r</code> role. Type enforcement then separates each domain. | |||
== SELinux Contexts and Attributes == | == SELinux Contexts and Attributes == | ||
[[Docs/Drafts/SELinx User Guide/SELinux Content Specification/Contexts and Attributes| SELinux Contexts and Attributes]] | [[Docs/Drafts/SELinx User Guide/SELinux Content Specification/Contexts and Attributes| SELinux Contexts and Attributes]] | ||
Revision as of 06:40, 31 July 2008
Content Specification (Draft-only)
SELinux Introduction
SELinux Basics
Someone suggested having a section, that detailed if you are not going to do anything else with SELinux, then at least do these 3-4 things...
Access Control
Describe the concepts of the following, using <http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.2/html/Deployment_Guide/selg-overview.html> as a guide:
- Discretionary Access Control (DAC)
- Mandatory Access Control (MAC)
- Multi-Level Security (MLS)
- Mutli-Category Security (MCS)
- Type Enforcement (TE)
- Role Based Access Control (RBAC)
Targeted Policy Overview
- Introduction to targeted policy: <http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.2/html/Deployment_Guide/sec-sel-policy-targeted-oview.html>.
- Confined and unconfined processes. Explain unconfined.
- Users and roles: user_u, user_r, system_r, and so on.
When using targeted policy, domains run as the system_r role. Type enforcement then separates each domain.