New pages

From SELinux Wiki

Jump to: navigation, search

Showing below up to 50 results starting with #1.

View (previous 50) (next 50) (20 | 50 | 100 | 250 | 500).

  1. 15:48, 15 April 2013 ‎NB SEforAndroid 2 (hist) ‎[61,953 bytes] ‎RichardHaines (Talk | contribs) (New page: = Policy File Configuration Details = This section details the specific SE for Android policy configuration files (i.e. those not used by 'standard' Linux based SELinux) as they were in A...)
  2. 14:42, 15 April 2013 ‎NB SEforAndroid 1 (hist) ‎[57,725 bytes] ‎RichardHaines (Talk | contribs) (New page: = SE for Android = == Introduction == This section gives an overview of the enhancements made to Android to produce Security Enhancements for Android™ (SE for Android) as it stood in...)
  3. 13:43, 19 November 2012 ‎XENStatements (hist) ‎[4,367 bytes] ‎RichardHaines (Talk | contribs) (New page: = Xen Statements = Xen policy supports additional policy language statements: <tt>iomemcon</tt>, <tt>ioportcon</tt>, <tt>pcidevicecon</tt> and <tt>pirqcon</tt> that are discussed in the se...)
  4. 14:44, 18 November 2012 ‎DefaultRules (hist) ‎[6,904 bytes] ‎RichardHaines (Talk | contribs) (New page: = Default Rules = These rules allow a default user, role, type and/or range to be used when computing a context for a new object. These require policy version 27 or 28 with kernels 3.5 or ...)
  5. 19:38, 5 January 2012 ‎SEAndroid (hist) ‎[109 bytes] ‎StephenSmalley (Talk | contribs) (New page: == What is SE Android? == Security Enhanced (SE) Android is a project to identify and address critical gaps in the security of Android. Initially, the SE Android project is enabling the ...)
  6. 16:33, 15 January 2011 ‎NB SQL 9.0 (hist) ‎[29,271 bytes] ‎RichardHaines (Talk | contribs) (New page: = SELinux PostgreSQL Support (9.0) = This section gives an overview of the SE-PostgreSQL version 9.0.1 extensions to support SELinux in F-14 and how the database context information is man...)
  7. 20:22, 31 August 2010 ‎COTS (hist) ‎[246 bytes] ‎Jaxelson (Talk | contribs) (created page)
  8. 13:44, 21 May 2010 ‎NB RefPolicy (hist) ‎[99,986 bytes] ‎RichardHaines (Talk | contribs) (New page: = The Reference Policy = == Introduction == The Reference Policy is now the standard policy source used to build SELinux policies. This provides a single source tree with supporting docume...)
  9. 15:51, 18 May 2010 ‎NB Apache (hist) ‎[4,542 bytes] ‎RichardHaines (Talk | contribs) (New page: = Apache SELinux Support = Apache web servers are generally managed under SELinux by using the Apache policy modules from the Reference Policy, however an SELinux-aware shared library is a...)
  10. 14:57, 18 May 2010 ‎NB SQL (hist) ‎[34,677 bytes] ‎RichardHaines (Talk | contribs) (New page: = SELinux PostgreSQL Support = This section gives an overview of the SE-PostgreSQL (version 8.4) extensions to support SELinux in F-12 and how the database context information is managed. ...)
  11. 14:38, 18 May 2010 ‎NB XWIN (hist) ‎[13,989 bytes] ‎RichardHaines (Talk | contribs) (New page: = SELinux X-Windows Support = The SELinux X-Windows (XSELinux) implementation provides fine grained access control over the majority of the X-server objects (known as resources). The Refer...)
  12. 14:30, 18 May 2010 ‎NB VM (hist) ‎[20,934 bytes] ‎RichardHaines (Talk | contribs) (New page: = SELinux Virtual Machine Support = SELinux support is available in the KVM/QEMU and Xen virtual machine (VM) technologies<ref name="ftn29">KVM (Kernel-based Virtual Machine) and Xen are c...)
  13. 14:19, 18 May 2010 ‎NB Networking (hist) ‎[13,090 bytes] ‎RichardHaines (Talk | contribs) (New page: = SELinux Networking Support = SELinux supports the following types of network labeling: '''Internal labeling''' - This is where network objects are labeled and managed internally within ...)
  14. 15:34, 17 May 2010 ‎NB LSM (hist) ‎[30,016 bytes] ‎RichardHaines (Talk | contribs) (New page: = Linux Security Module and SELinux = This section gives a high level overview of the LSM and SELinux internal structure and workings. A more detailed view can be found in the "[http://www...)
  15. 15:26, 17 May 2010 ‎NB PAM (hist) ‎[5,648 bytes] ‎RichardHaines (Talk | contribs) (New page: = PAM Login Process = Applications used to provide login services (such as <tt>gdm</tt> and <tt>ssh</tt>) in F-12 use the PAM (Pluggable Authentication Modules) infrastructure to provide t...)
  16. 15:16, 17 May 2010 ‎NB Poly (hist) ‎[8,604 bytes] ‎RichardHaines (Talk | contribs) (New page: = Polyinstantiation = GNU / Linux supports the polyinstantiation of directories that can be utilised by SELinux via the Pluggable Authentication Module (PAM) that is explained in the next ...)
  17. 15:04, 16 May 2010 ‎NB AL (hist) ‎[13,173 bytes] ‎RichardHaines (Talk | contribs) (New page: = Audit Logs = For SELinux there are two main types of audit event: # SELinux-aware Application Events - These are generated by the SELinux kernel services and SELinux-aware applications ...)
  18. 14:59, 16 May 2010 ‎NB PandE (hist) ‎[1,600 bytes] ‎RichardHaines (Talk | contribs) (New page: = SELinux Permissive and Enforcing Modes = SELinux has three major modes of operation: : '''Enforcing''' - SELinux is enforcing the loaded policy. : '''Permissive''' - SELinux has loade...)
  19. 14:57, 16 May 2010 ‎NB PolicyType (hist) ‎[13,320 bytes] ‎RichardHaines (Talk | contribs) (New page: = Types of SELinux Policy = This section describes the different type of policy descriptions and versions that can be found within SELinux. The types of SELinux policy can described in a ...)
  20. 14:23, 16 May 2010 ‎NB MLS (hist) ‎[12,012 bytes] ‎RichardHaines (Talk | contribs) (New page: = Multi-Level Security and Multi-Category Security = As stated in the Mandatory Access Control (MAC) section as well as supporting Type Enforcement (TE), SELinux also support...)
  21. 14:12, 16 May 2010 ‎NB Objects (hist) ‎[24,537 bytes] ‎RichardHaines (Talk | contribs) (New page: = Objects = Within SELinux an object is a resource such as files, sockets, pipes or network interfaces that are accessed via processes (also known as subjects). These objects are classifie...)
  22. 14:02, 16 May 2010 ‎NB Subjects (hist) ‎[1,919 bytes] ‎RichardHaines (Talk | contribs) (New page: = Subjects = A subject is an active entity generally in the form of a person, process, or device that causes information to flow among objects or changes the system state. Within SELinux...)
  23. 14:01, 16 May 2010 ‎NB SC (hist) ‎[4,806 bytes] ‎RichardHaines (Talk | contribs) (New page: = Security Context = SELinux requires a security context to be associated with every process (or subject) and object that are used by the security server to decide whether access is allowe...)
  24. 13:56, 16 May 2010 ‎NB RBAC (hist) ‎[1,539 bytes] ‎RichardHaines (Talk | contribs) (New page: = Role-Based Access Control (RBAC) = To further control access to TE domains SELinux makes use of role-based access control (RBAC). This feature allows SELinux users to be associated to on...)
  25. 13:54, 16 May 2010 ‎NB TE (hist) ‎[3,970 bytes] ‎RichardHaines (Talk | contribs) (New page: = Type Enforcement (TE) = SELinux makes use of a specific style of type enforcement<ref name="ftn5"><sup>There are various "type enforcement" technologies. </sup></ref> (TE) to enforce man...)
  26. 13:52, 16 May 2010 ‎NB MAC (hist) ‎[2,227 bytes] ‎RichardHaines (Talk | contribs) (New page: = Mandatory Access Control (MAC) = Mandatory Access Control (MAC) is a type of access control in which the operating system is used to constrain a user or process (the subject) from access...)
  27. 13:49, 16 May 2010 ‎NB Overview (hist) ‎[12,254 bytes] ‎RichardHaines (Talk | contribs) (New page: = SELinux Overview = == Introduction == SELinux is the primary Mandatory Access Control (MAC) mechanism built into a number of GNU / Linux distributions. SELinux originally started as the ...)
  28. 16:47, 14 March 2010 ‎Experimenting With X-Windows (hist) ‎[36,259 bytes] ‎RichardHaines (Talk | contribs) (New page: = Experimenting with X-Windows = == Section Overview == The main objectives of this section are to: * Demonstrate the use of '<tt>selections</tt>' using polyinstantiation and non- polyins...)
  29. 16:17, 14 March 2010 ‎Building the XSELinux Function Test Application (hist) ‎[3,203 bytes] ‎RichardHaines (Talk | contribs) (New page: = Building the XSELinux Function Test Application = The <tt>X-setest</tt> application allows a user to execute all of the SELinuxGet/Set.. functions that are integrated with the X-Windows ...)
  30. 16:08, 14 March 2010 ‎Building a Basic Policy (hist) ‎[16,178 bytes] ‎RichardHaines (Talk | contribs) (New page: = Building a Basic Policy = == Introduction == The objective of this section is to show how policy files are constructed, compiled and loaded using the SELinux command line tools and edito...)
  31. 15:38, 14 March 2010 ‎Experimenters Corner (hist) ‎[1,504 bytes] ‎RichardHaines (Talk | contribs) (New page: = Experimenters Corner = This section contains example source code and policy modules that may be useful for experimenting with. There is an experiment that uses different x_contexts fil...)
  32. 21:07, 12 March 2010 ‎SVNserver (hist) ‎[13,777 bytes] ‎MichalSvoboda (Talk | contribs) (New page: == Use case: SVN server ==)
  33. 13:04, 17 February 2010 ‎LibselinuxAPISummary (hist) ‎[33,265 bytes] ‎RichardHaines (Talk | contribs) (New page: = API Summary for libselinux = These functions have been taken from the following header files from the ``libselinux 2.0.87'' release and sorted in alphabetical order: /usr/include/selinu...)
  34. 22:32, 11 January 2010 ‎ULtest (hist) ‎[204 bytes] ‎WikiSysop (Talk | contribs) (New page: This is a test, ignore.)
  35. 14:57, 2 December 2009 ‎PolicyConfigurationFiles (hist) ‎[31,140 bytes] ‎RichardHaines (Talk | contribs) (New page: = Policy Configuration Files = Each file discussed in this section is relative to the policy name as follows: <nowiki>/etc/selinux/<policy_name></nowiki> The majority of files are instal...)
  36. 14:30, 2 December 2009 ‎PolicyStoreConfigurationFiles (hist) ‎[26,722 bytes] ‎RichardHaines (Talk | contribs) (New page: = Policy Store Configuration Files = Each file discussed in this section is relative to the policy name as follows: <pre> <nowiki>/etc/selinux/<policy_name></nowiki> </pre> The Policy Sto...)
  37. 13:55, 2 December 2009 ‎GlobalConfigurationFiles (hist) ‎[10,926 bytes] ‎RichardHaines (Talk | contribs) (New page: = Global Configuration Files = Listed in the sections that follow are the common configuration files used by SELinux and are therefore not policy specific. == /etc/selinux/config File == ...)
  38. 13:36, 2 December 2009 ‎ConfigurationFiles (hist) ‎[5,102 bytes] ‎RichardHaines (Talk | contribs) (New page: = SELinux Configuration Files = == Introduction == This section explains each SELinux configuration file with its format, example content and where applicable, any supporting SELinux comma...)
  39. 14:52, 30 November 2009 ‎SIDStatements (hist) ‎[3,071 bytes] ‎RichardHaines (Talk | contribs) (New page: = Security ID (SID) Statement = There are two SID statements, the first one declares the actual SID identifier and is defined at the start of a policy source file. The second statement is ...)
  40. 14:38, 30 November 2009 ‎ObjectClassStatements (hist) ‎[4,831 bytes] ‎RichardHaines (Talk | contribs) (New page: = Object Class and Permission Statements = For those who write or manager SELinux policy, there is no need to define new objects and their associated permissions as these would be done by ...)
  41. 14:24, 30 November 2009 ‎PolicyStatements (hist) ‎[10,009 bytes] ‎RichardHaines (Talk | contribs) (New page: = Policy Support Statements = This section contains language statements used to support policy. == module Statement == This statement is mandatory for loadable modules (non-base) and must...)
  42. 12:48, 30 November 2009 ‎MLSStatements (hist) ‎[17,925 bytes] ‎RichardHaines (Talk | contribs) (New page: = MLS Statements = The optional MLS policy extension adds an additional security context component that consists of the following highlighted entries: <pre> user:role:type:sensitivity[:ca...)
  43. 12:05, 30 November 2009 ‎NetworkStatements (hist) ‎[9,245 bytes] ‎RichardHaines (Talk | contribs) (New page: = Network Labeling Statements = The network labeling statements are used to label the following objects: '''Network interfaces''' - This covers those interfaces managed by the ifconfig(8)...)
  44. 11:36, 30 November 2009 ‎FileStatements (hist) ‎[9,172 bytes] ‎RichardHaines (Talk | contribs) (New page: = File System Labeling Statements = There are four types of file labeling statements: fs_use_xattr, fs_use_task, fs_use_trans and genfscon that are explained below. The filesystem identi...)
  45. 16:40, 29 November 2009 ‎ConstraintStatements (hist) ‎[7,909 bytes] ‎RichardHaines (Talk | contribs) (New page: = Constraint Statements = == constrain Statement == The constrain statement allows further restriction on permissions for the specified object classes by using boolean expressions covering...)
  46. 16:09, 29 November 2009 ‎ConditionalStatements (hist) ‎[6,429 bytes] ‎RichardHaines (Talk | contribs) (New page: = Conditional Policy Statements = Conditional policies consist of a bool statement that defines a condition as true or false, with a supporting if / else construct that specifies what rule...)
  47. 15:43, 29 November 2009 ‎RoleRules (hist) ‎[6,249 bytes] ‎RichardHaines (Talk | contribs) (New page: = Role Rules = == Role allow Rule == The role allow rule checks whether a request to change roles is allowed, if it is, then there may be a further request for a role_transition so that th...)
  48. 15:31, 29 November 2009 ‎RoleStatements (hist) ‎[4,940 bytes] ‎RichardHaines (Talk | contribs) (New page: = Role Statement = == role Statement == The role statement associates a role identifier to one or more types (i.e. authorise the role to access the domain or domains). Where there are mult...)
  49. 15:23, 29 November 2009 ‎UserStatements (hist) ‎[3,986 bytes] ‎RichardHaines (Talk | contribs) (New page: = User Statement = == user Statement == The user statement is used to declare an SELinux user identifier within the policy and associate that to one or more roles. The statement also allow...)
  50. 15:09, 29 November 2009 ‎AVCRules (hist) ‎[7,431 bytes] ‎RichardHaines (Talk | contribs) (New page: = Access Vector Rules = The AV rules define what access control privileges are allowed for processes. There are four types of AV rule: allow, dontaudit, auditallow, and neverallow as expla...)

View (previous 50) (next 50) (20 | 50 | 100 | 250 | 500).

Views
Personal tools
Toolbox