Security Enhanced Linux Syposium-SELinux 2007

This book contains 14 original papers on SELinux, an operating system program designed to protect against software vulnerabilities. The papers were originally presented at a 2007symposium sponsored by IBM, Red Hat, Tresys, and Hewlett-Packard. The book contains programming and other guidance for those using SELinux to improve the security of computer operating systems. TABLE OF CONTENTS Security-Enhanced Darwin: Porting SELinux to Mac OS X Christopher Vance, Todd C. Miller, Robert Dekelbaum and Andrew Reisse, SPARTA, Inc. Enforcing Security Enhanced Linux Policies in a Networked Policy Domain Joshua Brindle, Karen Vance and Chad Sellers, Tresys Technology Using the Flask Security Architecture to Facilitate Risk Adaptable Access Controls Machon Gregory and Peter Loscocco, National Security Agency Using GConf as an Example of How to Create an Userspace Object Manager James Carter, National Security Agency Application of the Flask Architecture to the X Window System Server Eamon F. Walsh, National Information Assurance Research Laboratory,National Security Agency FCGlob: A New SELinux File Context Syntax Don Miner, University of Maryland, Baltimore County James Athey, Tresys Technology, LLC Towards Intuitive Tools for Managing SELinux: Hiding the Details but Retaining the Power James Athey, Christopher Ashworth, Frank Mayer and Don Minner, Tresys Technology, LLC Madison: A New Approach to Policy Generation Karl MacMillan, Red Hat Setroubleshoot: A User Friendly Tool to Diagnose AVC Denials John Dennis, Red Hat The Design and Implementation of a Guard Installation and Administration Framework Boyd Fletcher, USJFCOM J9 & SPAWAR Systems Center San Diego Chris Roberts, General Dynamics Kurt Risser, Dataline Securing Inter-Process Communications in SELinux Spencer Shimko and Joshua Brindle, Tresys Technology, LLC Integrating SELinux with Security-Typed Languages Boniface Hicks, Sandra Rueda, Trent Jaeger and Patrick McDaniel, Systems and Internet Infrastructure Security Laboratory (SIIS), Computer Science and Engineering, Pennsylvania State University Porting Legacy Multilevel Secure Applications to Security Enhanced Linux Andy Suchoski and Rick Supplee, Hewlett Packard Company Extending Linux for Multi-Level Security George Wilson, IBM Corporation Klaus Weidner, Atsec Information Security Corporation Loulwa Salem, IBM Corporation Author Index