没有合适的资源?快使用搜索试试~ 我知道了~
SELinux手册 电子书 pdf 英文
需积分: 0 0 下载量 142 浏览量
2024-01-12
11:32:29
上传
评论
收藏 2.63MB PDF 举报
温馨提示
试读
422页
SELinux手册 电子书 pdf 英文
资源推荐
资源详情
资源评论
The SELinux
Notebook
December 16, 2022 (rev 40f0fb85fb02)
Copyright Information
Copyright (c) 2020 Richard Haines
Copyright (c) 2020 Paul Moore
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free
Documentation License, Version 1.3 or any later version published by the Free Software Foundation.
See: http://www.gnu.org/licenses/fdl-1.3.html
Acknowledgements
The Notebook was originally created by Richard Haines who graciously donated the source material to the
SELinux project.
The SELinux logo was designed by Máirín Duy.
The SELinux Notebook
Page 2
Introduction
This Notebook should help with explaining:
SELinux and its purpose in life.
The LSM / SELinux architecture, its supporting services and how they are implemented within GNU / Linux.
SELinux Networking, Virtual Machine, X-Windows, PostgreSQL and Apache/SELinux-Plus SELinux-aware
capabilities.
The core SELinux kernel policy language and how basic policy modules can be constructed for instructional
purposes.
An introduction to the new Common Intermediate Language (CIL) implementation.
The core SELinux policy management tools with examples of usage.
The Reference Policy architecture, its supporting services and how it is implemented.
The integration of SELinux within Android.
Notebook Overview
This volume has the following major sections:
SELinux Overview - Gives a description of SELinux and its major components to provide Mandatory Access
Control services for GNU / Linux. Hopefully it will show how all the SELinux components link together and how
SELinux-aware applications / object manager have been implemented (such as Networking, X-Windows,
PostgreSQL and virtual machines).
SELinux Conguration Files - Describes all known SELinux conguration les with samples. Also lists any
specic SELinux commands or libselinux APIs used by them.
SELinux Policy Language - Gives a brief description of each policy language statement, with supporting examples
taken from the Reference Policy source. Also an introduction to the new CIL language (Common Intermediate
Language).
The Reference Policy - Describes the Reference Policy and its supporting macros.
Android - An overview of the SELinux services used to support Android.
Object Classes and Permissions - Describes the SELinux object classes and permissions.
Notebook Examples
The Notebook examples are not embedded into any of the document formats described in https://github.com/
SELinuxProject/selinux-notebook/blob/main/BUILD.md, however they will have links to them in their build
directories.
Updated Editions
The SELinux Notebook is being maintained as part of the SELinux project, more recent editions may be available.
See: https://github.com/SELinuxProject/selinux-notebook
1.
2.
3.
4.
5.
6.
7.
8.
The SELinux Notebook
Page 3
Table of Contents
Abbreviations and Terminology
SELinux Overview
Core Components
Mandatory Access Control (MAC)
SELinux Users
Role-Based Access Control (RBAC)
Type Enforcement (TE)
Security Context
Subjects
Objects
Computing Security Contexts
Computing Access Decisions
Domain and Object Transitions
Multi-Level and Multi-Category Security
Types of SELinux Policy
Permissive and Enforcing Modes
Auditing Events
Polyinstantiation Support
PAM Login Process
Linux Security Module and SELinux
Userspace Libraries
Networking Support
Virtual Machine Support
X-Windows Support
SE-PostgreSQL Support
Apache-Plus Support
SELinux Conguration Files
Global Conguration Files
Policy Store Conguration Files
Policy Conguration Files
SELinux Policy Languages
CIL Policy Language
CIL Reference Guide
Kernel Policy Language
Policy Conguration Statements
Default Rules
User Statements
Role Statements
Type Statements
Bounds Rules
Access Vector Rules
Extended Access Vector Rules
Object Class and Permission Statements
Conditional Policy Statements
Constraint Statements
MLS Statements
Security ID (SID) Statement
File System Labeling Statements
Network Labeling Statements
InniBand Labeling Statements
XEN Statements
Modular Policy Support Statements
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
◦
◦
◦
•
◦
▪
◦
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
The SELinux Notebook
Page 4
The Reference Policy
Hardening SELinux
Implementing SELinux-aware Applications
Embedded Systems
SE for Android
Appendix A - Object Classes and Permissions
Appendix B - libselinux API Summary
Appendix C - SELinux Commands
Appendix D - Debugging Policy - Hints and Tips
Appendix E - Policy Validation Example
•
•
•
•
•
•
•
•
•
•
The SELinux Notebook
Page 5
剩余421页未读,继续阅读
资源评论
power1952
- 粉丝: 99
- 资源: 8
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功