Friday, April 14, 2017

SELinux Overview

Today our topic of discussion is SELinux. We will cover the following points:

What is SELinux?
Why SELinux?
How does SELinux work?

What is SELinux?

Security-Enhanced Linux, or SELinux, is a security enhancement to Linux that provides more control than the default access control policy, DAC (Discretionary Access Control), which comes with every Linux distribution. It is an implementation of mandatory access control (MAC) on Linux that allows us to define which users and applications can access which resources, such as files, devices, networks and inter-process communication.

Why SELinux?

Users and applications can modify the standard Linux access controls, such as file modes (-rwxr-xr-x). Keeping this point in mind, let us discuss some scenarios that show the significance and necessity of SELinux.
  • Users have the discretion to grant or revoke access to their files for other users and groups. This way, some critical files might be exposed to others who don't need this access. Even if users are careful about security while granting access, there's no way to enforce it for every single file in the system. For example: you want to restrict users from executing shell scripts from their home directories for security reasons, so they should have read-only access to files in the home directory. Do you think it's feasible to revoke execute access from every file in the home directory?
  • Suppose an application or a process is running as the root user, or as an account with superuser privileges, and someone takes control of that application or process. In this case, that person can use the application to access any resource that the account has access to. For example: the user's shell can do anything it wants with the home directory, so what happens when someone uses the mail client to access the SSH keys stored in that home directory?
Therefore, using SELinux, one can differentiate a user from the applications that the user runs, and clearly define which resources are accessible to the user and which to the application or process.

How does SELinux work?

Although SELinux uses multiple security models to enforce the access control policy, the type enforcement model is the most important one. This model is very simple to understand.

Applications and resources are classified by "type", and access control is then enforced based on that "type": the policy states which "type" of application can access which "type" of resource.
Every file, process, network resource, etc. on an SELinux system has a label, and one of the components of that label is the "type". The type enforcement security model simply allows us to specify which application label can access which resource label.

For example:
allow firefox_t user_home_t : file { read write };
This simply allows our web browser, running as firefox_t, to read and write files in our home directory that are labeled user_home_t.
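
SELinux denies any access that no allow rule covers. The following Python sketch is a simplified model of type enforcement, added here as an illustration; it is not part of the original article and not SELinux's own code. It parses allow rules like the one above and checks labeled accesses. The sample contexts and the ssh_home_t label on ~/.ssh are constructed assumptions.

```python
import re

# Simplified model of SELinux type enforcement (added example, not kernel code).
RULE_RE = re.compile(
    r"allow\s+(\{[^}]*\}|\S+)\s+(\{[^}]*\}|\S+)\s*:\s*(\{[^}]*\}|\S+)\s+(\{[^}]*\}|\S+)\s*;"
)

def _names(token):
    """Expand 'a' or '{ a b }' into a list of names."""
    return token.strip("{} ").split()

def load_policy(text):
    """Parse allow rules into a set of (source_type, target_type, class, perm)."""
    allowed = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        m = RULE_RE.fullmatch(line)
        if not m:
            raise ValueError(f"unsupported rule: {line!r}")
        src, tgt, cls, perms = (_names(g) for g in m.groups())
        allowed.update((s, t, c, p) for s in src for t in tgt for c in cls for p in perms)
    return allowed

def type_of(context):
    """Return the type field of a 'user:role:type[:level]' security context."""
    fields = context.split(":")
    if len(fields) < 3:
        raise ValueError(f"malformed context: {context!r}")
    return fields[2]

def check(allowed, proc_ctx, obj_ctx, tclass, perm):
    """Default deny: access is granted only if an allow rule covers it."""
    return (type_of(proc_ctx), type_of(obj_ctx), tclass, perm) in allowed

# Constructed sample policy and labels; ssh_home_t is assumed here as the
# label on ~/.ssh, and no rule grants firefox_t anything on it.
POLICY = load_policy("""
allow firefox_t user_home_t : file { read write };   # rule from the article
""")
BROWSER = "unconfined_u:unconfined_r:firefox_t:s0"
DOWNLOAD = "unconfined_u:object_r:user_home_t:s0"
SSH_KEY = "unconfined_u:object_r:ssh_home_t:s0"

if __name__ == "__main__":
    for obj, perm in [(DOWNLOAD, "read"), (DOWNLOAD, "execute"), (SSH_KEY, "read")]:
        verdict = "granted" if check(POLICY, BROWSER, obj, "file", perm) else "denied"
        print(f"{type_of(BROWSER)} -> {type_of(obj)} file:{perm}: {verdict}")
```

In this model the browser can read and write ordinary home-directory files, but it can neither execute them nor read the SSH key, even though the Unix user running it owns all of them. A real policy also has attributes, type transitions and other rule kinds that this model leaves out.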

Thank you for reading this article. I hope you liked it. If you have any suggestions or questions, do let me know in the comments. Happy Learning!!
