SlideShare a Scribd company logo

Introduction to Selinux

Atul Jha, profile picture
Atul Jha

SELinux provides mandatory access control on Linux systems to complement traditional discretionary access control. It enforces security policies that govern how processes and users can interact with files and resources based on security contexts. Key aspects of SELinux include user and role-based access controls, type enforcement that assigns types to processes and objects to define how they can interact, and multi-level security that assigns sensitivity and compartment labels to provide confidentiality. System administrators can configure SELinux policies and security contexts to enforce integrity and confidentiality.

BusinessTechnology
1 of 17
Downloaded 79 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
Security-Enhanced Linux by Atul Jha aka koolhead17 By Atul Jha
SELinux: What?
Mandatory Access Control Complements traditional Discretionary Access Control
SELinux: Why?
Integrity (Type Enforcement) Confidentiality (Multi Level Security) Role Based Access Control
SELinux: Where?
Kernel: Security server Object manager Access Vector Cache
User space: Coreutils Policycoreutils Checkpolicy
SELinux-policy: Configuration data Rules that govern access
Policy models and concepts
SELinux identities or User based access control: - First field in security context tuple - SELinux identities a way to map Linux logins to SELinux Users - User based access control mechanisme to isolate SELinux users
Role Based Access Control: - Second field in security context tuple - Mechanism that enables SELinux users to switch types
Type Enforcement: - Third field in security context tuple - Processes and objects are assigned types - Policy governs how types can interact
Multi Level Security or Multi Category Security: - Fourth field in security context tuple
MLS: - Processes and objects are assigned security levels - Security level is a sensitivity and compartment(s) - s0 SystemLow - s15:c0.c1023 SystemHigh 16 sensitivities 1024 compartments “No read up and no write down”
MCS: - Alternative way to use MLS attribute - Only one sensitivity - 1024 categories - Semi-discretionary - MCS used in Svirt and Sandbox -X
SELinux resources: http://www.selinuxproject.org/page/User_Resources

More Related Content

PPTX
Security Enhanced Linux Overview
Emre Can Kucukoglu
 
PDF
Selinux
Ankit Raj
 
PPTX
Selinux
Mohitgupta8560
 
PPT
Introduction To SELinux
Rene Cunningham
 
ODP
SELinux for Everyday Users
PaulWay
 
ODP
SELinux Basic Usage
Dmytro Minochkin
 
PDF
SELinux introduction
Michael Nazzareno Trimarchi
 
PDF
How to use SELINUX (No I don't mean turn it off)
Chuck Reeves
 
Security Enhanced Linux Overview
Emre Can Kucukoglu
 
Selinux
Ankit Raj
 
Selinux
Mohitgupta8560
 
Introduction To SELinux
Rene Cunningham
 
SELinux for Everyday Users
PaulWay
 
SELinux Basic Usage
Dmytro Minochkin
 
SELinux introduction
Michael Nazzareno Trimarchi
 
How to use SELINUX (No I don't mean turn it off)
Chuck Reeves
 

What's hot (20)

PDF
MR201406 A Re-introduction to SELinux
FFRI, Inc.
 
ODP
chroot and SELinux
Shay Cohen
 
PDF
SELinux basics
Lubomir Rintel
 
PDF
Understanding SELinux For the Win
bmbouter
 
PDF
The SElinux Notebook :the foundations - Vol 1
Eliel Prado
 
PDF
Introduction to SELinux Part-I
n|u - The Open Security Community
 
ODP
How to live with SELinux
Bert Desmet
 
PPTX
SELinux_@gnu_group_meetup
Jayant Chutke
 
PDF
How to not disable SELinux
Rémy Gottschalk
 
PPT
Unix Security
replay21
 
PPT
Security and Linux Security
Rizky Ariestiyansyah
 
PPT
Threats, Vulnerabilities & Security measures in Linux
Amitesh Bharti
 
PPT
Basic Linux Security
pankaj009
 
PDF
2008 08-12 SELinux: A Key Component in Secure Infrastructures
Shawn Wells
 
PPT
Operating system vulnerability and control
أحلام انصارى
 
ODP
Slug 2009 06 SELinux For Sysadmins
PaulWay
 
PDF
Directions in SELinux Networking
James Morris
 
PPTX
Linux Security in Operating System
Meghaj Mallick
 
PPT
Inside Out Hacking - Bypassing Firewall
amiable_indian
 
PDF
Have You Driven an SELinux Lately? - An Update on the SELinux Project - OLS ...
James Morris
 
MR201406 A Re-introduction to SELinux
FFRI, Inc.
 
chroot and SELinux
Shay Cohen
 
SELinux basics
Lubomir Rintel
 
Understanding SELinux For the Win
bmbouter
 
The SElinux Notebook :the foundations - Vol 1
Eliel Prado
 
Introduction to SELinux Part-I
n|u - The Open Security Community
 
How to live with SELinux
Bert Desmet
 
SELinux_@gnu_group_meetup
Jayant Chutke
 
How to not disable SELinux
Rémy Gottschalk
 
Unix Security
replay21
 
Security and Linux Security
Rizky Ariestiyansyah
 
Threats, Vulnerabilities & Security measures in Linux
Amitesh Bharti
 
Basic Linux Security
pankaj009
 
2008 08-12 SELinux: A Key Component in Secure Infrastructures
Shawn Wells
 
Operating system vulnerability and control
أحلام انصارى
 
Slug 2009 06 SELinux For Sysadmins
PaulWay
 
Directions in SELinux Networking
James Morris
 
Linux Security in Operating System
Meghaj Mallick
 
Inside Out Hacking - Bypassing Firewall
amiable_indian
 
Have You Driven an SELinux Lately? - An Update on the SELinux Project - OLS ...
James Morris
 
Ad

Viewers also liked (20)

PDF
Selinux
Tiago
 
PPTX
Introducing Puppet - The faster speed of Automation
Ramit Surana
 
PPT
Openstack swift - VietOpenStack 6thmeeetup
Vietnam Open Infrastructure User Group
 
PDF
Swift Install Workshop - OpenStack Conference Spring 2012
Joe Arnold
 
PDF
OpenStack Swift on virtualbox
Atul Jha
 
PPT
Exploring Openstack Swift(Object Storage) and Swiftstack
Ramit Surana
 
DOCX
1 system security
Arjun Trivedi
 
PDF
OpenStack Swift production deployments
Atul Jha
 
PDF
Openstack Swift overview
어형 이
 
PDF
CIS 2015- Understanding & Managing Discretionary Access: The TAO of Entitleme...
CloudIDSummit
 
PPTX
Rbac
أحلام انصارى
 
PDF
Bootkits: past, present & future
Alex Matrosov
 
PPT
Security models
LJ PROJECTS
 
PDF
Resilient IoT Security: The end of flat security models
Milosch Meriac
 
PDF
Moving Security Model From Content to Context
Paolo Passeri
 
PPTX
Security models of modern mobile systems
Divya Raval
 
PPTX
Cia security model
Imran Ahmed
 
PPTX
Android sandbox
Anusha Chavan
 
PPTX
OpenStack으로 바로보는 상용 클라우드 플랫폼
Tae Young Lee
 
PPT
3. security architecture and models
7wounders
 
Selinux
Tiago
 
Introducing Puppet - The faster speed of Automation
Ramit Surana
 
Openstack swift - VietOpenStack 6thmeeetup
Vietnam Open Infrastructure User Group
 
Swift Install Workshop - OpenStack Conference Spring 2012
Joe Arnold
 
OpenStack Swift on virtualbox
Atul Jha
 
Exploring Openstack Swift(Object Storage) and Swiftstack
Ramit Surana
 
1 system security
Arjun Trivedi
 
OpenStack Swift production deployments
Atul Jha
 
Openstack Swift overview
어형 이
 
CIS 2015- Understanding & Managing Discretionary Access: The TAO of Entitleme...
CloudIDSummit
 
Rbac
أحلام انصارى
 
Bootkits: past, present & future
Alex Matrosov
 
Security models
LJ PROJECTS
 
Resilient IoT Security: The end of flat security models
Milosch Meriac
 
Moving Security Model From Content to Context
Paolo Passeri
 
Security models of modern mobile systems
Divya Raval
 
Cia security model
Imran Ahmed
 
Android sandbox
Anusha Chavan
 
OpenStack으로 바로보는 상용 클라우드 플랫폼
Tae Young Lee
 
3. security architecture and models
7wounders
 
Ad

Similar to Introduction to Selinux (20)

PDF
2008-10-15 Red Hat Deep Dive Sessions: SELinux
Shawn Wells
 
PDF
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview
Shawn Wells
 
PDF
SELinux workshop
johseg
 
PDF
Overview of NSA Security Enhanced Linux - FOSS.IN/2005
James Morris
 
PPTX
SE Linux
primeteacher32
 
PDF
SELinux Johannesburg Linux User Group (JoziJUg)
Jumping Bean
 
PPTX
selinuxbasicusage.pptx
Pandiya Rajan
 
PDF
SELinux Project Overview - Linux Foundation Japan Symposium 2008
James Morris
 
PDF
Managing SELinux Security - RHCSA (RH134).pdf
RHCSA Guru
 
PDF
SELinux Basics: Managing SELinux Modes and Context - RHCSA+.pdf
RHCSA Guru
 
PDF
PPT_Compiled
Avineshwar Singh
 
PDF
[Wroclaw #3] SELinux 101
OWASP
 
PPTX
SELinux concept in rhel_Linux_today.pptx
AbhradipChatterjee2
 
PDF
LCJ2010-KaiGai-Memcached
Kohei KaiGai
 
PDF
LCJ2010-KaiGai-sepgsql
Kohei KaiGai
 
PDF
Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century Threats
James Morris
 
PDF
SELinux Kernel Internals and Architecture - FOSS.IN/2005
James Morris
 
PPTX
Linux security introduction
Mohamed Gad
 
PPTX
Linux security
trilokchandra prakash
 
PDF
Se linux course1
OWASP (Open Web Application Security Project)
 
2008-10-15 Red Hat Deep Dive Sessions: SELinux
Shawn Wells
 
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview
Shawn Wells
 
SELinux workshop
johseg
 
Overview of NSA Security Enhanced Linux - FOSS.IN/2005
James Morris
 
SE Linux
primeteacher32
 
SELinux Johannesburg Linux User Group (JoziJUg)
Jumping Bean
 
selinuxbasicusage.pptx
Pandiya Rajan
 
SELinux Project Overview - Linux Foundation Japan Symposium 2008
James Morris
 
Managing SELinux Security - RHCSA (RH134).pdf
RHCSA Guru
 
SELinux Basics: Managing SELinux Modes and Context - RHCSA+.pdf
RHCSA Guru
 
PPT_Compiled
Avineshwar Singh
 
[Wroclaw #3] SELinux 101
OWASP
 
SELinux concept in rhel_Linux_today.pptx
AbhradipChatterjee2
 
LCJ2010-KaiGai-Memcached
Kohei KaiGai
 
LCJ2010-KaiGai-sepgsql
Kohei KaiGai
 
Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century Threats
James Morris
 
SELinux Kernel Internals and Architecture - FOSS.IN/2005
James Morris
 
Linux security introduction
Mohamed Gad
 
Linux security
trilokchandra prakash
 
Se linux course1
OWASP (Open Web Application Security Project)
 

More from Atul Jha (18)

PDF
Hooked by Nir Eyal
Atul Jha
 
PDF
Don't make me think: Steve Krug
Atul Jha
 
PDF
Thumbnail generation using Minio's event notification.
Atul Jha
 
PDF
Minio: Associated projects in Go programming.
Atul Jha
 
PDF
Open Source Cloud alternatives
Atul Jha
 
PDF
Summary of DockerCon Europe.
Atul Jha
 
ODP
OpenStack Swift: Panoramic View
Atul Jha
 
PDF
OpenStack : Linux User Group meetup
Atul Jha
 
PDF
OpenStack: An introduction
Atul Jha
 
PDF
Open Cloud -- Future of Cloud Computing
Atul Jha
 
PDF
Openstack: Open Source software for building public and private cloud.
Atul Jha
 
PDF
Introduction and hacking OpenStack, Pycon India
Atul Jha
 
PDF
Introduction to FOSS, SRM University
Atul Jha
 
PDF
Juju
Atul Jha
 
PDF
Phishing
Atul Jha
 
PDF
Foss adoption in Indian Government Enterprise.
Atul Jha
 
PDF
Nepal
Atul Jha
 
PDF
Introduction to Subversion
Atul Jha
 
Hooked by Nir Eyal
Atul Jha
 
Don't make me think: Steve Krug
Atul Jha
 
Thumbnail generation using Minio's event notification.
Atul Jha
 
Minio: Associated projects in Go programming.
Atul Jha
 
Open Source Cloud alternatives
Atul Jha
 
Summary of DockerCon Europe.
Atul Jha
 
OpenStack Swift: Panoramic View
Atul Jha
 
OpenStack : Linux User Group meetup
Atul Jha
 
OpenStack: An introduction
Atul Jha
 
Open Cloud -- Future of Cloud Computing
Atul Jha
 
Openstack: Open Source software for building public and private cloud.
Atul Jha
 
Introduction and hacking OpenStack, Pycon India
Atul Jha
 
Introduction to FOSS, SRM University
Atul Jha
 
Juju
Atul Jha
 
Phishing
Atul Jha
 
Foss adoption in Indian Government Enterprise.
Atul Jha
 
Nepal
Atul Jha
 
Introduction to Subversion
Atul Jha
 

Recently uploaded (20)

PDF
kom-180-proposal-for-a-directive-amending-directive-2014-45-eu-and-directive-...
nlusch08
 
PPT
340036916-American-Literature-Literary-Period-Overview.ppt
carinaherdiles611
 
PDF
Business model innovation report 2022.pdf
pradvapal
 
PDF
Stem Cell Market Report | Trends, Growth & Forecast 2025-2034
Claight Corporation
 
PDF
MSPs in 10 Words - Created by US MSP Network
Mayur Gudka
 
PPTX
Belch_12e_PPT_Ch18_Accessible_university.pptx
Haitham327103
 
PPTX
job Avenue by vinith.pptxvnbvnvnvbnvbnbmnbmbh
kaniece
 
PPTX
Amazon (Business Studies) management studies
AbhirupVerma
 
PDF
Outsourced Audit & Assurance in USA Why Globus Finanza is Your Trusted Choice
Globus finanza
 
PDF
How to Get Business Funding for Small Business Fast
Jake Thornhill
 
PDF
COST SHEET- Tender and Quotation unit 2.pdf
MANJU N
 
PDF
Nidhal Samdaie CV - International Business Consultant
Nidhal Samdaie
 
PDF
A Brief Introduction About Julia Allison
Julia Allison
 
PPTX
5 Stages of group development guide.pptx
keerthanashanmugam201
 
PPT
Data mining for business intelligence ch04 sharda
salmaalsaeed3
 
PPTX
CkgxkgxydkydyldylydlydyldlyddolydyoyyU2.pptx
DSAISUBRAHMANYAAASHR
 
PDF
BsN 7th Sem Course GridNNNNNNNN CCN.pdf
ZAMANYousufzai1
 
PPTX
The Marketing Journey - Tracey Phillips - Marketing Matters 7-2025.pptx
shannonzipoy2
 
PDF
20250805_A. Stotz All Weather Strategy - Performance review July 2025.pdf
FINNOMENAMarketing
 
PDF
Training And Development of Employee .pdf
nivethavm864
 
kom-180-proposal-for-a-directive-amending-directive-2014-45-eu-and-directive-...
nlusch08
 
340036916-American-Literature-Literary-Period-Overview.ppt
carinaherdiles611
 
Business model innovation report 2022.pdf
pradvapal
 
Stem Cell Market Report | Trends, Growth & Forecast 2025-2034
Claight Corporation
 
MSPs in 10 Words - Created by US MSP Network
Mayur Gudka
 
Belch_12e_PPT_Ch18_Accessible_university.pptx
Haitham327103
 
job Avenue by vinith.pptxvnbvnvnvbnvbnbmnbmbh
kaniece
 
Amazon (Business Studies) management studies
AbhirupVerma
 
Outsourced Audit & Assurance in USA Why Globus Finanza is Your Trusted Choice
Globus finanza
 
How to Get Business Funding for Small Business Fast
Jake Thornhill
 
COST SHEET- Tender and Quotation unit 2.pdf
MANJU N
 
Nidhal Samdaie CV - International Business Consultant
Nidhal Samdaie
 
A Brief Introduction About Julia Allison
Julia Allison
 
5 Stages of group development guide.pptx
keerthanashanmugam201
 
Data mining for business intelligence ch04 sharda
salmaalsaeed3
 
CkgxkgxydkydyldylydlydyldlyddolydyoyyU2.pptx
DSAISUBRAHMANYAAASHR
 
BsN 7th Sem Course GridNNNNNNNN CCN.pdf
ZAMANYousufzai1
 
The Marketing Journey - Tracey Phillips - Marketing Matters 7-2025.pptx
shannonzipoy2
 
20250805_A. Stotz All Weather Strategy - Performance review July 2025.pdf
FINNOMENAMarketing
 
Training And Development of Employee .pdf
nivethavm864
 

Introduction to Selinux