Chapter 13: Analyzing Policy Behavior

Although SELinux policies enforce the mandatory access controls and application behavior on a system, knowing up front how a policy will act helps administrators perform assessments and root cause analysis.

Throughout this chapter, we will learn how to query the SELinux policy in depth, using a multitude of tools to query process transitions, analyze information flows, and compare policies. We will consider the apol tool, a graphical interface with which we can perform several analyses on a policy, as well as command-line tools such as sesearch, sedta, seinfoflow, and sepolicy. Finally, we will use sediff to compare policies.

In this chapter, we're going to cover the following main topics: ...
