O'Reilly logo

SELinux by Example: Using Security Enhanced Linux by David Caplan, Karl MacMillan, Frank Mayer

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 5. Type Enforcement

In this chapter

• 5.1 Type Enforcement

• 5.2 Types, Attributes, and Aliases

• 5.3 Access Vector Rules

• 5.4 Type Rules

• 5.5 Exploring Type Enforcement Rules with Apol

• 5.6 Summary

• Exercises

The majority of a SELinux policy is made up of several rules that together we call the type enforcement rules. These rules control allowed access, many aspects of default transition labeling, auditing, and invariant assertion checking. In this chapter, we examine the type enforcement rules in detail along with the statements to define and declare the types used by these rules.

5.1 Type Enforcement

The majority of a SELinux policy is a set of statements and rules that collectively define the type enforcement (TE) policy. A well-defined, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required