SELinux Symposium Notes: Session 4

[Editor's note: more notes taken during the SELinux Symposium earlier this month. Insert standard disclaimer of accuracy here. My notes from this session are less detailed than for the others, too.]

Progress of SELinux Policy Editor (Yuichi Nakamura, The George Washington University, Hitachi Software)

[for full effect, read the following with microphone feedback in the background]
editor for simplified SELinux policy — path-name based, reduced set of permissions
18% permissions removed — unused, DAC-related, redundant

SLIDE: An Integrated Policy Development Environment (James Athey, Tresys Technology)

Eclipse plugin for refpolicy development
set of usual IDE features, module browsers, etc.

Integrating Multi-Category Security into Fedora (James Morris et. al., Red Hat)

MCS uses categories, not sensitivities, complements targeted policy (better for commercial users) discretionary/advisory scheme
some discretionary control (mail, labeled printing, etc.)

Protecting the Internet from Zombie Armies with DeSPAC-SE (Eric Freudenthal, University of Texas at El Paso)

end user can’t write policy, wants to download & run code off the internet w/o labeling manually appropriately
idea: automatically determine & install labels for downloaded data
on exec of unknown file, query agent to classify it (but assumes agent knows …)
based on virus scanner model

A User-Space Monitor for High-Assurance Workflows (Jacques Thomas, Purdue University)

use MAC to generate control flow through workflow, a la Clark-Wilson, including SoD
high assurance in demand (e.g. Sarbanes-Oxley) — workflow protection all the way down
flexible framework makes auditing easier
workflow split into separate, individually confined tasks; only valid transitions are allowed

Playing Well With Others: Implementing CIPSO on Linux (Paul Moore, HP)

CIPSO labels IPv4 packets using options (e.g. MLS labels, TE types)
Linux currently lacks interoperable support for labeled networking
original attempt rejected (too invasive); now try using LSM hooks

Setools: Current Status and Future Directions (Kevin Carr, Tresys Technology)

enhancing sediff, seaudit; add sechecker
sediff used to help refpolicy transition; visualization & filtering improved
sechecker checks for common policy errors (e.g. incomplete permissions, lack of domain/type separation)

Comments are closed.