A subject is an active entity generally in the form of a person, process, or device that causes information to flow among objects or changes the system state.
Within SELinux a subject is generally an active process and has a security context associated with it; however, a process can also be referred to as an object depending on the context in which it is being considered, for example:
- A running process (i.e. an active entity) is a subject because it causes information to flow among objects or can change the system state.
- The process can also be referred to as an object because each process has an associated object class called "process". This process "object" defines what permissions the policy is allowed to grant or deny on the active process.
  - The object class and its associated permissions are explained in the Process Object Class section.
  - An example is given of the above scenarios in the Allowing a Process Access to Resources section.

In SELinux subjects can be:
- Trusted - Generally these are commands, applications etc. that have been written or modified to support specific SELinux functionality to enforce the security policy (e.g. the kernel, init, pam, xinetd and login). However, it can also cover any application that the organisation is willing to trust as a part of the overall system. Although (depending on your paranoia level), the best policy is to trust nothing until it has been verified that it conforms to the security policy. Generally these trusted applications would run in either their own domain (e.g. the audit daemon could run under auditd_t) or grouped together (e.g. the semanage and semodule commands could be grouped under semanage_t).
- Untrusted - Everything else.
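To make the subject/object distinction concrete, the following is an added example written in the SELinux kernel policy language as a loadable module; it is not taken from the original text. The type auditd_t comes from the text above, while init_t and auditd_log_t, and the exact permission sets, are assumed for illustration. The same type appears once as the source (subject) of a rule and once as the target (object) of a rule on the "process" class.

```selinux
# Added example (not from the original text): one type, auditd_t, seen both as
# a subject and as an object. init_t and auditd_log_t are assumed type names.
module subject_object_demo 1.0;

require {
    type init_t;
    type auditd_t;
    type auditd_log_t;
    class file { create open read write append getattr };
    class process { transition sigkill sigchld fork signal setrlimit };
}

# 1. auditd_t as a SUBJECT: the running daemon causes information to flow
#    into its log files, so the rule names it as the source of the access.
allow auditd_t auditd_log_t:file { create open read write append getattr };

# 2. auditd_t as an OBJECT: the "process" object class lets policy decide what
#    another domain may do TO the daemon's process. Here init_t may transition
#    into auditd_t and deliver SIGKILL/SIGCHLD to it; any permission not listed
#    (e.g. ptrace) stays denied by default.
allow init_t auditd_t:process { transition sigkill sigchld };

# 3. A process acting on itself is both subject and object at once; "self"
#    is the target type, and the class is again "process".
allow auditd_t self:process { fork signal setrlimit };
```

Reading the rules from left to right gives the roles: the first type is always the subject, the second type together with its object class is the object. Only when the class is "process" is a running program being treated as the object, which is exactly the dual role the list above describes.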