Red Hat Enterprise Linux 5 Administration Unleashed

CHAPTER 23Protecting AgainstIntruders with Security-Enhanced LinuxIN THIS CHAPTER. Selecting an SELinux Mode. Selecting and Customizing theSELinux Policy. Utilizing the SELinuxTroubleshooting Tool. Working with Security ContextsOn a system without Security-Enhanced Linux (SELinux)enabled, discretionary access control (DAC) is used for filesecurity. Basic file permissions as discussed in Chapter 4,“Understanding Linux Concepts,” and optionally accesscontrol lists as described in Chapter 7, “Managing Storage,”are used to grant file access to users. Users and programsalike are allowed to grant insecure file permissions toothers. For users, there is no way for an administrator toprevent a user from granting world-readable and worldwritablepermissions to his files. For programs, the fileoperations are performed as the owner of the process,which can be the root user, giving the program access toany file on the system.SELinux is a mandatory access control (MAC) mechanism,implemented in the kernel. Programs protected by SELinuxare only allowed access to parts of the filesystem theyrequire to function properly, meaning that if a programintentionally or unintentionally tries to access or modify afile not necessary for it to function or a file not in a directorycontrolled by the program, file access is denied andthe action is logged.The ability to protect files with SELinux is implemented inthe kernel. Exactly what files and directories are protectedand to what extent they are protected is defined by theSELinux policy. This chapter gives instructions on how toenable the SELinux protection mechanism, describes theSELinux policies available in Red Hat Enterprise Linux, tellsyou how to read the SELinux permissions of a file, showshow the SELinux Troubleshooting Tool alerts you ofSELinux errors, and steps you through how to change thesecurity context of files.