Re: Simple question

[Jesse Pollard <pollard@admin.navo.hpc.mil>]

On Wednesday 12 February 2003 12:32 pm, j.logsdon@lancaster.ac.uk wrote:
> Hi
>
> In general terms, what does SEL do that I can't do (even if more
> complicated) by Access Control Lists?  If I can control the users and
> groups that can access files (and these are all properly set) what
> advantage do I have in running SEL?

ACLs are under the control of the user. The user choses the other users that
may access the files that the user owns.

SELinux is under the control of the security administrator. This includes the
files that the user owns. Even if the user wants a specific other user to have
access to a file, if that user is not in a domain containing the other user 
(ie, both are in the same domain) then the other user still cannot access the 
file.

> I'm not being rude - just trying to understand the difference and to see
> whether it is really necessary to run a bespoke kernel.

The difference is in mandatory access vs descretionary access.

As far as the system files go, if all are carefully given approprate ACLs, 
then they can be protected. However, if the root accout is hacked, the files
are still vulnerable.

If a SELinux system is hacked, unless the hack itself contains an all powerful
label/domain, the hack still doesn't have access to all of the files.. Only 
those belonging to the domain of the hacked daemon.

Others may have more detailed/correct answers, but this should be the
lowest common denominator.

-- 
-------------------------------------------------------------------------
Jesse I Pollard, II
Email: pollard@navo.hpc.mil

Any opinions expressed are solely my own.

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.