Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

Access Decisions

The SELinux security server makes two basic kinds of decisions:

Access decisions: Access decisions determine whether a given subject is allowed to perform a given operation on a given object.
Transition decisions: Transition decisions, also called labeling decisions, determine the types assigned to newly created objects, particularly processes and files.

This section explains access decisions—the more frequently made and important of the two kinds of decisions—and the following section explains transition decisions.

Conceptually, each object class has an associated bitmap called an access vector, containing one bit for each action defined for the class. Figure 2-3 shows a simplified bitmap for the file class. An actual bitmap for the file class would include each of the more than one dozen actions defined for the file class, rather than merely the common actions shown in the figure.

Figure 2-3. A simplified access vector for the file class

As explained earlier in this chapter, the SELinux security server makes access decisions by considering the security context of the subject and object of the action, the security class of the object, and the action requested. When the security server has made the access decision, it returns an access vector that indicates the allowed actions. More precisely, if the security server finds one or more policy rules matching the request, it returns three related access vectors, as shown in Figure 2-4. In the figure, the server has granted the subject permission to append to the object or create the object.

Figure 2-4. A simplified access vector resulting from an access decision

The three access vectors have the following functions:

Allow: The allow access vector identifies operations that the subject is permitted to perform on the object. No log entry is made of the operation.
Auditallow: The auditallow access vector causes a log entry to be made when the indicated operation is performed. Despite its name, it doesn’t allow any operation; only the Allow vector does so.
Dontaudit: The dontaudit access vector identifies operations that the subject is not permitted to perform on the object, but that don’t cause the denial to be logged.

Three rules govern access to objects:

A requested action is denied unless the security server returns allow. Therefore, requests that have no matching policy rule are denied.
If an action is denied, a log entry is made unless the security server returns dontaudit.
If the security server returns auditallow, a log entry is made.

Table 2-3 summarizes the rules governing access to objects.

Table 2-3. Access to objects

Result	Access permitted	Result logged
No matching policy rule	No	Yes
allow	Yes	No, unless `auditallow` also specified
auditallow	No, unless `allow` also specified	Yes
dontaudit	No	No

Tip

To improve the efficiency of its operation, the security server caches access vectors in a data structure called the access vector cache (AVC).

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

Table of Contents for Access Decisions

Create new playlist

Sign In

Sign Up

Access Decisions

Tip

Table of Contents for
Access Decisions