论文信息 - Have You Driven an SELinux Lately?

Have You Driven an SELinux Lately?

Security Enhanced Linux (SELinux) [18] has evolved rapidly over the last few years, with many enhancements made to both its core technology and higher-level tools. Following integration into several Linux distributions, SELinux has become the first widely used Mandatory Access Control (MAC) scheme. It has helped Linux to receive the highest security certification likely possible for a mainstream off the shelf operating system. SELinux has also proven its worth for general purpose use in mitigating several serious security flaws. While SELinux has a reputation for being difficult to use, recent developments have helped significantly in this area, and user adoption is advancing rapidly. This paper provides an informal update on the project, discussing key developments and challenges, with the aim of helping people to better understand current SELinux and to make more effective use of it in a wide variety of situations.

[1] D. Richard Kuhn,et al. Role-Based Access Controls , 2009, ArXiv.

[2] Peter Loscocco,et al. Meeting Critical Security Objectives with Security-Enhanced Linux , 2001 .

[3] Eamon F. Walsh,et al. Application of the Flask Architecture to the X Window System Server , 2007 .

[4] Mike Hibler,et al. The Flask Security Architecture: System Support for Diverse Security Policies , 1999, USENIX Security Symposium.

[5] Using GConf as an Example of How to Create an Userspace Object Manager , 2007 .

[6] Crispin Cowan,et al. Linux security modules: general security support for the linux kernel , 2002, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[7] C. Pollard,et al. Center for the Study of Language and Information , 2022 .

[8] Stephen Smalley,et al. The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments , 2000 .

[9] Ajaya Chitturi. Implementing Mandatory Network Security In A Policy-Flexible System , 1998 .

[10] Karl MacMillan,et al. Reference Policy for Security Enhanced Linux , 2006 .