October 2004
Intermediate to advanced
256 pages
8h 16m
English
Content preview from SELinuxBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
SELinux History
SELinux, though only recently released to the public as a software product, has a substantial heritage. SELinux descends from work that began several decades ago. In 1973, computer scientists David Bell and Leonard LaPadula defined the concept of a secure system state and published a formal model describing a multilevel security system.
Later, in the 1980s, the work of Bell and LaPadula strongly influenced the U.S. government’s development of the Trusted Computer System Evaluation Criteria (TCSEC, popularly known as the Orange Book). The TCSEC defined six evaluation classes with progressively more stringent security requirements: C1, C2, B1, B2, B3, and A1. Class C1 and C2 systems, like Linux, depended upon discretionary access controls. Class B1 systems and systems of higher classes had to, like SELinux, implement mandatory access controls.
During the 1990s, researchers at the U.S. National Security Agency (NSA) worked with Secure Computing Corporation (SCC) to develop a strong and flexible mandatory access control architecture. Initially, their work focused on theoretical proofs of the properties and characteristics of the architecture. Eventually, working with a research team at the University of Utah, they developed a working prototype of the architecture called Flask within Fluke, a research operating system.
Later, NSA researchers worked with Network Associates and the R&D firm MITRE to implement the architecture within the open source Linux operating system. ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.