Mls Policy - Red Hat ENTERPRISE LINUX 5 - DEPLOYMENT Deployment Manual
Hide thumbs
Also See for ENTERPRISE LINUX 5 - DEPLOYMENT:
- Manual (402 pages) ,
- Configuration (86 pages) ,
- Overview (68 pages)
Table of Contents
Advertisement
An SL must have one sensitivity, and may have zero or more categories.
Examples of SLs are: { Secret / UFO, Crypto }, { Top Secret / UFO, Crypto, Stargate } and
{ Unclassified }
Note the hierarchical sensitivity followed by zero or more categories. The reason for having categories
as well as sensitivities is so that sensitivities can be further compartmentalized on a need-to-know
basis. For example, while a process may be cleared to the "Secret" sensitivity level, it may not need
any type of access to the project "Warp Drive" (which could be the name of a category).
Note
1. Security Levels on objects are called Classifications.
2. Security Levels on subjects are called Clearances.
Thus, objects are labeled with a Classification, while subjects operate with a specific
Clearance. Security Levels can have also Ranges, but these are beyond the scope of this
introduction.
44.6.3. MLS Policy
SELinux uses the Bell-La Padula BLP model, with Type Enforcement (TE) for integrity. In simple
terms, MLS policy ensures that a Subject has an appropriate clearance to access an Object of a
particular classification.
For example, under MLS, the system needs to know how to process a request such as: Can a process
running with a clearance of { Top Secret / UFO, Rail gun } write to a file classified as { Top Secret /
UFO } ?
The MLS model and the policy implemented for it will determine the answer. (Consider, for example,
the problem of information leaking out of the Rail gun category into the file).
MLS meets a very narrow (yet critical) set of security requirements based around the way information
and personnel are managed in rigidly controlled environments such as the military. MLS is typically
difficult to work with and does not map well to general-case scenarios.
Type Enforcement (TE) under SELinux is a more flexible and expressive security scheme, which is in
many cases more suitable than MLS.
There are, however, several scenarios where traditional MLS is still required. For example, a file
server where the stored data may be of mixed classification and where clients connect at different
clearances. This results in a large number of Security Levels and a need for strong isolation all on a
single system.
This type of scenario is the reason that SELinux includes MLS as a security model, as an adjunct to
TE.
MLS Policy
741
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for Red Hat ENTERPRISE LINUX 5 - DEPLOYMENT
Related Products for Red Hat ENTERPRISE LINUX 5 - DEPLOYMENT
- Red Hat CLUSTER FOR ENTERPRISE LINUX 5.0
- Red Hat CLUSTER SUITE FOR ENTERPRISE LINUX 5.1
- Red Hat ENTERPRISE LINUX 5 - DM MULTIPATH
- Red Hat ENTERPRISE LINUX 5.1 DM MULTIPATH
- Red Hat ENTERPRISE LINUX 5.1 - LVM ADMINISTRATION
- Red Hat ENTERPRISE LINUX 5.1 - LINUX ORACLE
- Red Hat ENTERPRISE LINUX 5.3 - RELEASE MANIFEST
- Red Hat ENTERPRISE LINUX 5.5 - S 2010
- Red Hat CLUSTER SUITE FOR ENTERPRISE LINUX 5.2
- Red Hat CLUSTER SUITE FOR ENTERPRISE LINUX 4.5
- Red Hat CLUSTER SUITE FOR ENTERPRISE LINUX 4.7
- Red Hat ENTERPRISE LINUX 3 - SECURITY GUIDE
- Red Hat ENTERPRISE LINUX 3 - USING BINUTILS
- Red Hat ENTERPRISE LINUX 3 - STEP BY STEP GUIDE
- Red Hat ENTERPRISE LINUX 4 - DM MULTIPATH
- Red Hat ENTERPRISE LINUX 4.5.0 -
Need help?
Do you have a question about the ENTERPRISE LINUX 5 - DEPLOYMENT and is the answer not in the manual?
Questions and answers