Wednesday, June 8, 2011

Security Blanket SELinux Policy Module

The next release of Security Blanket will support Security-Enhanced Linux (SELinux). Previous releases of Security Blanket would run on a system with SELinux enabled only if SELinux was operating in permissive mode. SELinux has been growing in popularity for many reasons and is no longer used only by government organizations that require mandatory access control (MAC) and multilevel security (MLS) systems.

Among other things, domain-types and data confidentiality help protect a system's integrity. In particular, Red Hat® (and its clones) have been delivering the “targeted” policy. According to the documentation, this policy is defined as follows:

Under the targeted policy, every subject and object runs in the unconfined_t domain except for the specific targeted daemons. The objects on the system that are in the unconfined_t domain are allowed by SELinux to have no restrictions and fall back to using standard Linux security, that is, DAC. This policy is flexible enough to fit into enterprise infrastructures. The daemons that are part of the targeted policy run in their own domains and are restricted in every operation they perform on the system. This way daemons that are broken or exploited are limited in the damage they can do.

The targeted policy has grown to include domain-types such as httpd_t and samba_t to isolate Apache web services and Samba file sharing services respectively.

Earlier versions of Security Blanket simply ran in the unconfined_t domain. However, when Security Blanket creates new configuration files for the operating system, it must, in addition to setting the appropriate discretionary access controls (DAC), ensure that the correct SELinux security context is set on those files. Besides writing the appropriate rules in the policy module to supplement the “targeted” policy, we have to ensure that all security contexts are maintained. We certainly didn't want to just tell our customers, “Just reboot and relabel.”

In addition to code modifications, we have defined three specific domain-types for the following Security Blanket components: the console, the dispatcher, and the core engine. These independent domains offer better isolation and tighten access controls on the audit and report data that Security Blanket produces.
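As an added illustration (not the Security Blanket policy module itself, whose type names and file paths the post does not give), here is a minimal reference-policy module in the targeted style for one of the three component domains, the core engine. All identifiers and paths are hypothetical. The file transition rule is what lets files the engine creates receive the right context at creation time, which is the alternative to telling customers to reboot and relabel.

```selinux
policy_module(sblanket, 1.0.0)

########################################
# Declarations (hypothetical names; the real module's are not on the page)

# One of the three component domains from the post: the core engine.
type sblanket_engine_t;
type sblanket_engine_exec_t;
init_daemon_domain(sblanket_engine_t, sblanket_engine_exec_t)

# Private type for audit/report output, so unrelated domains
# (including unconfined services in the targeted policy) get no
# access to it unless a rule grants it.
type sblanket_report_t;
files_type(sblanket_report_t)

########################################
# Engine local policy

# Full management of its own report files and directories.
manage_dirs_pattern(sblanket_engine_t, sblanket_report_t, sblanket_report_t)
manage_files_pattern(sblanket_engine_t, sblanket_report_t, sblanket_report_t)

# Directories and files the engine creates directly under /var/lib are
# labelled sblanket_report_t at creation time instead of inheriting
# var_lib_t from the parent, so no later relabel is needed.
files_var_lib_filetrans(sblanket_engine_t, sblanket_report_t, { dir file })

# Configuration the engine writes under /etc keeps the standard etc_t
# label that the rest of the targeted policy expects.
files_manage_etc_files(sblanket_engine_t)

# Matching sblanket.fc entries (hypothetical paths), kept in a separate
# file when the module is built:
#   /usr/sbin/sblanket-engine  --  gen_context(system_u:object_r:sblanket_engine_exec_t,s0)
#   /var/lib/sblanket(/.*)?        gen_context(system_u:object_r:sblanket_report_t,s0)
```

Build and load with the distribution's policy development Makefile (`make -f /usr/share/selinux/devel/Makefile sblanket.pp && semodule -i sblanket.pp`), then confirm with `matchpathcon -V /var/lib/sblanket` that files on disk carry the label the .fc specification expects; a mismatch there is exactly the case a reboot-and-relabel would otherwise be needed for.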

If you have questions regarding Security Blanket's SELinux support, send us an email at SecurityBlanket@TrustedCS.com.
