From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from msux-gh1-uea01.nsa.gov (msux-gh1-uea01.nsa.gov [63.239.67.1]) by tarius.tycho.ncsc.mil (8.13.1/8.13.1) with ESMTP id n615F2o2002966 for ; Wed, 1 Jul 2009 01:15:02 -0400 Received: from mail-px0-f197.google.com (localhost [127.0.0.1]) by msux-gh1-uea01.nsa.gov (8.12.10/8.12.10) with ESMTP id n615Ei1Y000325 for ; Wed, 1 Jul 2009 05:14:45 GMT Received: by pxi35 with SMTP id 35so535665pxi.32 for ; Tue, 30 Jun 2009 22:15:00 -0700 (PDT) MIME-Version: 1.0 Date: Wed, 1 Jul 2009 11:15:00 +0600 Message-ID: <7b740b700906302215n2a6eb4f3y8e2e15419af33191@mail.gmail.com> Subject: RBAC with SELinux MCS From: Shaz To: selinux Content-Type: multipart/alternative; boundary=0016364c673f4976b8046d9e017a Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov --0016364c673f4976b8046d9e017a Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Dear list, I was studying some earlier work on RBAC and came across Kuhn98 [1], which says that RBAC can be implemented if some interface function is used to map privilege sets of RBAC with MCS. James Moris blog article on MCS [2] states that MCS is just dicretionary like DAC if hierarchies like of MLS levels are not used. It might be because of the implementation of current LSPP on Linux distros. So my question is that can RBAC be used with SELinux if the mapping function is provided? Some further literature or existing work being pointed out will be appreciated. Thank you. [1] http://csrc.nist.gov/groups/SNS/rbac/documents/design_implementation/kuhn-98.pdf [2] http://james-morris.livejournal.com/5583.html -- Shaz --0016364c673f4976b8046d9e017a Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Dear list,

I was studying some earlier work on RBAC and came across = Kuhn98 [1], which says that RBAC can be implemented if some interface funct= ion is used to map privilege sets of RBAC with MCS. James Moris blog articl= e on MCS [2] states that MCS is just dicretionary like DAC if hierarchies l= ike of MLS levels are not used. It might be because of the implementation o= f current LSPP on Linux distros. So my question is that can RBAC be used wi= th SELinux if the mapping function is provided?

Some further literature or existing work being pointed out will be appr= eciated.

Thank you.

[1] http:= //csrc.nist.gov/groups/SNS/rbac/documents/design_implementation/kuhn-98.pdf=
[2] http://james-= morris.livejournal.com/5583.html

--
Shaz

--0016364c673f4976b8046d9e017a-- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from msux-gh1-uea02.nsa.gov (msux-gh1-uea02.nsa.gov [63.239.67.2]) by tarius.tycho.ncsc.mil (8.13.1/8.13.1) with ESMTP id n6160Z0k007944 for ; Wed, 1 Jul 2009 02:00:43 -0400 Received: from mail-px0-f197.google.com (localhost [127.0.0.1]) by msux-gh1-uea02.nsa.gov (8.12.10/8.12.10) with ESMTP id n6161AdA016183 for ; Wed, 1 Jul 2009 06:01:10 GMT Received: by pxi35 with SMTP id 35so553687pxi.32 for ; Tue, 30 Jun 2009 23:00:34 -0700 (PDT) Message-ID: <4A4AFBC5.2010905@gmail.com> Date: Tue, 30 Jun 2009 23:01:41 -0700 From: "Justin P. Mattock" MIME-Version: 1.0 To: Shaz CC: selinux Subject: Re: RBAC with SELinux MCS References: <7b740b700906302215n2a6eb4f3y8e2e15419af33191@mail.gmail.com> In-Reply-To: <7b740b700906302215n2a6eb4f3y8e2e15419af33191@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov Shaz wrote: > Dear list, > > I was studying some earlier work on RBAC and came across Kuhn98 [1], > which says that RBAC can be implemented if some interface function is > used to map privilege sets of RBAC with MCS. James Moris blog article > on MCS [2] states that MCS is just dicretionary like DAC if > hierarchies like of MLS levels are not used. It might be because of > the implementation of current LSPP on Linux distros. So my question is > that can RBAC be used with SELinux if the mapping function is provided? > > Some further literature or existing work being pointed out will be > appreciated. > > Thank you. > > [1] > http://csrc.nist.gov/groups/SNS/rbac/documents/design_implementation/kuhn-98.pdf > [2] http://james-morris.livejournal.com/5583.html > > -- > Shaz > Im guessing the mapping function is "newrole" right! if then yeah you should be able too i.g. newrole -r *_r -- -c /usr/bin/* (or wherever/whatever your wanting to use in that role). might get complicated with the sensitivity levels and categories(that is if you really tweak them). Justin P. Mattock -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from msux-gh1-uea01.nsa.gov (msux-gh1-uea01.nsa.gov [63.239.67.1]) by tarius.tycho.ncsc.mil (8.13.1/8.13.1) with ESMTP id n616IPpY009868 for ; Wed, 1 Jul 2009 02:18:25 -0400 Received: from wa-out-1112.google.com (localhost [127.0.0.1]) by msux-gh1-uea01.nsa.gov (8.12.10/8.12.10) with ESMTP id n616I81Y019919 for ; Wed, 1 Jul 2009 06:18:08 GMT Received: by wa-out-1112.google.com with SMTP id k17so127711waf.18 for ; Tue, 30 Jun 2009 23:18:24 -0700 (PDT) MIME-Version: 1.0 In-Reply-To: <4A4AFBC5.2010905@gmail.com> References: <7b740b700906302215n2a6eb4f3y8e2e15419af33191@mail.gmail.com> <4A4AFBC5.2010905@gmail.com> Date: Wed, 1 Jul 2009 12:18:23 +0600 Message-ID: <7b740b700906302318v31f292e1ha98ff6735eb1e3a2@mail.gmail.com> Subject: Re: RBAC with SELinux MCS From: Shaz To: "Justin P. Mattock" Cc: selinux Content-Type: multipart/alternative; boundary=001636417b8ffb4669046d9ee3db Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov --001636417b8ffb4669046d9ee3db Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit On Wed, Jul 1, 2009 at 12:01 PM, Justin P. Mattock wrote: > Shaz wrote: > >> Dear list, >> >> I was studying some earlier work on RBAC and came across Kuhn98 [1], which >> says that RBAC can be implemented if some interface function is used to map >> privilege sets of RBAC with MCS. James Moris blog article on MCS [2] states >> that MCS is just dicretionary like DAC if hierarchies like of MLS levels are >> not used. It might be because of the implementation of current LSPP on Linux >> distros. So my question is that can RBAC be used with SELinux if the mapping >> function is provided? >> >> Some further literature or existing work being pointed out will be >> appreciated. >> >> Thank you. >> >> [1] >> http://csrc.nist.gov/groups/SNS/rbac/documents/design_implementation/kuhn-98.pdf >> [2] http://james-morris.livejournal.com/5583.html >> >> -- >> Shaz >> >> Im guessing the mapping function is "newrole" right! > if then yeah you should be able too i.g. > newrole -r *_r -- -c /usr/bin/* (or wherever/whatever your > wanting to use in that role). > might get complicated with the sensitivity > levels and categories(that is if you really tweak them). Is this consistent with NIST RBAC standard to a greater extent? Never use roles in SELinux because thought it was just grouping of users. > > > Justin P. Mattock > > -- Shaz --001636417b8ffb4669046d9ee3db Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

On Wed, Jul 1, 2009 at 12:01 PM, Justin = P. Mattock <justinmattock@gmail.com> wrote:
Shaz wrote:
Dear list,

I was studying some earlier work on RBAC and came across Kuhn98 [1], which = says that RBAC can be implemented if some interface function is used to map= privilege sets of RBAC with MCS. James Moris blog article on MCS [2] state= s that MCS is just dicretionary like DAC if hierarchies like of MLS levels = are not used. It might be because of the implementation of current LSPP on = Linux distros. So my question is that can RBAC be used with SELinux if the = mapping function is provided?

Some further literature or existing work being pointed out will be apprecia= ted.

Thank you.

[1] http://csrc.nist.gov/groups/SNS/rba= c/documents/design_implementation/kuhn-98.pdf
[2] http://james-morris.livejournal.com/5583.html

--
Shaz

Im guessing the mapping function is "newrole" right!
if then yeah you should be able too i.g.
newrole -r =A0*_r -- -c /usr/bin/* (or wherever/whatever your
wanting to use in that role).
might get complicated with the sensitivity
levels and categories(that is if you really tweak them).
<= br>Is this consistent with NIST RBAC standard to a greater extent? Never us= e roles in SELinux because thought it was just grouping of users.
=A0


Justin P. Mattock




--
Shaz

--001636417b8ffb4669046d9ee3db-- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from msux-gh1-uea01.nsa.gov (msux-gh1-uea01.nsa.gov [63.239.67.1]) by tarius.tycho.ncsc.mil (8.13.1/8.13.1) with ESMTP id n616dKvQ012441 for ; Wed, 1 Jul 2009 02:39:20 -0400 Received: from rv-out-0708.google.com (localhost [127.0.0.1]) by msux-gh1-uea01.nsa.gov (8.12.10/8.12.10) with ESMTP id n616d21Y026606 for ; Wed, 1 Jul 2009 06:39:03 GMT Received: by rv-out-0708.google.com with SMTP id c5so223144rvf.54 for ; Tue, 30 Jun 2009 23:39:18 -0700 (PDT) Message-ID: <4A4B04DA.6000706@gmail.com> Date: Tue, 30 Jun 2009 23:40:26 -0700 From: "Justin P. Mattock" MIME-Version: 1.0 To: Shaz CC: selinux Subject: Re: RBAC with SELinux MCS References: <7b740b700906302215n2a6eb4f3y8e2e15419af33191@mail.gmail.com> <4A4AFBC5.2010905@gmail.com> <7b740b700906302318v31f292e1ha98ff6735eb1e3a2@mail.gmail.com> In-Reply-To: <7b740b700906302318v31f292e1ha98ff6735eb1e3a2@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov Shaz wrote: > > > On Wed, Jul 1, 2009 at 12:01 PM, Justin P. Mattock > > wrote: > > Shaz wrote: > > Dear list, > > I was studying some earlier work on RBAC and came across > Kuhn98 [1], which says that RBAC can be implemented if some > interface function is used to map privilege sets of RBAC with > MCS. James Moris blog article on MCS [2] states that MCS is > just dicretionary like DAC if hierarchies like of MLS levels > are not used. It might be because of the implementation of > current LSPP on Linux distros. So my question is that can RBAC > be used with SELinux if the mapping function is provided? > > Some further literature or existing work being pointed out > will be appreciated. > > Thank you. > > [1] > http://csrc.nist.gov/groups/SNS/rbac/documents/design_implementation/kuhn-98.pdf > [2] http://james-morris.livejournal.com/5583.html > > -- > Shaz > > Im guessing the mapping function is "newrole" right! > if then yeah you should be able too i.g. > newrole -r *_r -- -c /usr/bin/* (or wherever/whatever your > wanting to use in that role). > might get complicated with the sensitivity > levels and categories(that is if you really tweak them). > > > Is this consistent with NIST RBAC standard to a greater extent? Never > use roles in SELinux because thought it was just grouping of users. > > > > Justin P. Mattock > > > > > -- > Shaz > It should be of standard to NIST(if not then they should fix that) I don't see it as grouping users(but could be wrong), I see it as a way of confining the situation i.g. if you run an application in certain role, it's confined to that role and only the privileges that role provides. Justin P. Mattock -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from msux-gh1-uea02.nsa.gov (msux-gh1-uea02.nsa.gov [63.239.67.2]) by tarius.tycho.ncsc.mil (8.13.1/8.13.1) with ESMTP id n616j40x013078 for ; Wed, 1 Jul 2009 02:45:06 -0400 Received: from mail-pz0-f177.google.com (localhost [127.0.0.1]) by msux-gh1-uea02.nsa.gov (8.12.10/8.12.10) with ESMTP id n616jddA026357 for ; Wed, 1 Jul 2009 06:45:39 GMT Received: by pzk7 with SMTP id 7so299627pzk.32 for ; Tue, 30 Jun 2009 23:44:59 -0700 (PDT) MIME-Version: 1.0 In-Reply-To: <4A4B04DA.6000706@gmail.com> References: <7b740b700906302215n2a6eb4f3y8e2e15419af33191@mail.gmail.com> <4A4AFBC5.2010905@gmail.com> <7b740b700906302318v31f292e1ha98ff6735eb1e3a2@mail.gmail.com> <4A4B04DA.6000706@gmail.com> Date: Wed, 1 Jul 2009 12:44:59 +0600 Message-ID: <7b740b700906302344rbeaf99yd48cdec3d9cc4939@mail.gmail.com> Subject: Re: RBAC with SELinux MCS From: Shaz To: "Justin P. Mattock" Cc: selinux Content-Type: multipart/alternative; boundary=001636456fd612e9c3046d9f430b Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov --001636456fd612e9c3046d9f430b Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit On Wed, Jul 1, 2009 at 12:40 PM, Justin P. Mattock wrote: > Shaz wrote: > > >> >> On Wed, Jul 1, 2009 at 12:01 PM, Justin P. Mattock < >> justinmattock@gmail.com > wrote: >> >> Shaz wrote: >> >> Dear list, >> >> I was studying some earlier work on RBAC and came across >> Kuhn98 [1], which says that RBAC can be implemented if some >> interface function is used to map privilege sets of RBAC with >> MCS. James Moris blog article on MCS [2] states that MCS is >> just dicretionary like DAC if hierarchies like of MLS levels >> are not used. It might be because of the implementation of >> current LSPP on Linux distros. So my question is that can RBAC >> be used with SELinux if the mapping function is provided? >> >> Some further literature or existing work being pointed out >> will be appreciated. >> >> Thank you. >> >> [1] >> >> http://csrc.nist.gov/groups/SNS/rbac/documents/design_implementation/kuhn-98.pdf >> [2] http://james-morris.livejournal.com/5583.html >> >> -- Shaz >> >> Im guessing the mapping function is "newrole" right! >> if then yeah you should be able too i.g. >> newrole -r *_r -- -c /usr/bin/* (or wherever/whatever your >> wanting to use in that role). >> might get complicated with the sensitivity >> levels and categories(that is if you really tweak them). >> >> >> Is this consistent with NIST RBAC standard to a greater extent? Never use >> roles in SELinux because thought it was just grouping of users. >> >> >> >> Justin P. Mattock >> >> >> >> >> -- >> Shaz >> >> It should be of standard to NIST(if not then they should fix that) > I don't see it as grouping users(but could be wrong), > I see it as a way of confining the situation i.g. > if you run an application in certain role, it's confined to > that role and only the privileges that role provides. Those privileges depend on the kind of object defined by the "class" and enforced by the object manager. I think its making sense to my stupid mind now :) I will appreciate if someone can clear out if this is consistent with the NIST standards. Thanks Justin. > > > Justin P. Mattock > > > > -- Shaz --001636456fd612e9c3046d9f430b Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

On Wed, Jul 1, 2009 at 12:40 PM, Justin = P. Mattock <justinmattock@gmail.com> wrote:
Shaz wrote:



On Wed, Jul 1, 2009 at 12:01 PM, Justin P. Mattock <justinmattock@gmail.com <ma= ilto:justinmat= tock@gmail.com>> wrote:

=A0 =A0Shaz wrote:

=A0 =A0 =A0 =A0Dear list,

=A0 =A0 =A0 =A0I was studying some earlier work on RBAC and came across =A0 =A0 =A0 =A0Kuhn98 [1], which says that RBAC can be implemented if some=
=A0 =A0 =A0 =A0interface function is used to map privilege sets of RBAC wi= th
=A0 =A0 =A0 =A0MCS. James Moris blog article on MCS [2] states that MCS is=
=A0 =A0 =A0 =A0just dicretionary like DAC if hierarchies like of MLS level= s
=A0 =A0 =A0 =A0are not used. It might be because of the implementation of<= br> =A0 =A0 =A0 =A0current LSPP on Linux distros. So my question is that can R= BAC
=A0 =A0 =A0 =A0be used with SELinux if the mapping function is provided?
=A0 =A0 =A0 =A0Some further literature or existing work being pointed out<= br> =A0 =A0 =A0 =A0will be appreciated.

=A0 =A0 =A0 =A0Thank you.

=A0 =A0 =A0 =A0[1]
=A0 =A0 =A0 =A0http://csrc.nist.gov/gr= oups/SNS/rbac/documents/design_implementation/kuhn-98.pdf
=A0 =A0 =A0 =A0[2] http://james-morris.livejournal.com/5583.html

=A0 =A0 =A0 =A0-- =A0 =A0 =A0 =A0Shaz

=A0 =A0Im guessing the mapping function is "newrole" right!
=A0 =A0if then yeah you should be able too i.g.
=A0 =A0newrole -r =A0*_r -- -c /usr/bin/* (or wherever/whatever your
=A0 =A0wanting to use in that role).
=A0 =A0might get complicated with the sensitivity
=A0 =A0levels and categories(that is if you really tweak them).


Is this consistent with NIST RBAC standard to a greater extent? Never use r= oles in SELinux because thought it was just grouping of users.



=A0 =A0Justin P. Mattock




--
Shaz

It should be of standard to NIST(if not then they should fix that)
I don't see it as grouping users(but could be wrong),
I see it as a way of confining the situation i.g.
if =A0you run an application in certain role, it's confined to
that role and only the privileges that role provides.

= Those privileges depend on the kind of object defined by the "class&qu= ot; and enforced by the object manager. I think its making sense to my stup= id mind now :) I will appreciate if someone can clear out if this is consis= tent with the NIST standards.

Thanks Justin.
=A0


Justin P. Mattock






--
Shaz

--001636456fd612e9c3046d9f430b-- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <4A4B133C.4030005@gmail.com> Date: Wed, 01 Jul 2009 00:41:48 -0700 From: "Justin P. Mattock" MIME-Version: 1.0 To: Shaz CC: selinux , Stephen Smalley Subject: Re: RBAC with SELinux MCS References: <7b740b700906302215n2a6eb4f3y8e2e15419af33191@mail.gmail.com> <4A4AFBC5.2010905@gmail.com> <7b740b700906302318v31f292e1ha98ff6735eb1e3a2@mail.gmail.com> <4A4B04DA.6000706@gmail.com> <7b740b700906302344rbeaf99yd48cdec3d9cc4939@mail.gmail.com> In-Reply-To: <7b740b700906302344rbeaf99yd48cdec3d9cc4939@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov Shaz wrote: > > > On Wed, Jul 1, 2009 at 12:40 PM, Justin P. Mattock > > wrote: > > Shaz wrote: > > > > On Wed, Jul 1, 2009 at 12:01 PM, Justin P. Mattock > > >> wrote: > > Shaz wrote: > > Dear list, > > I was studying some earlier work on RBAC and came across > Kuhn98 [1], which says that RBAC can be implemented if some > interface function is used to map privilege sets of > RBAC with > MCS. James Moris blog article on MCS [2] states that MCS is > just dicretionary like DAC if hierarchies like of MLS > levels > are not used. It might be because of the implementation of > current LSPP on Linux distros. So my question is that > can RBAC > be used with SELinux if the mapping function is provided? > > Some further literature or existing work being pointed out > will be appreciated. > > Thank you. > > [1] > http://csrc.nist.gov/groups/SNS/rbac/documents/design_implementation/kuhn-98.pdf > [2] http://james-morris.livejournal.com/5583.html > > -- Shaz > > Im guessing the mapping function is "newrole" right! > if then yeah you should be able too i.g. > newrole -r *_r -- -c /usr/bin/* (or wherever/whatever your > wanting to use in that role). > might get complicated with the sensitivity > levels and categories(that is if you really tweak them). > > > Is this consistent with NIST RBAC standard to a greater > extent? Never use roles in SELinux because thought it was just > grouping of users. > > > > Justin P. Mattock > > > > > -- > Shaz > > It should be of standard to NIST(if not then they should fix that) > I don't see it as grouping users(but could be wrong), > I see it as a way of confining the situation i.g. > if you run an application in certain role, it's confined to > that role and only the privileges that role provides. > > > Those privileges depend on the kind of object defined by the "class" > and enforced by the object manager. I think its making sense to my > stupid mind now :) I will appreciate if someone can clear out if this > is consistent with the NIST standards. > That's fine I'll add a CC to someone who has better knowledge than I with SELinux, > Thanks Justin. > > > > Justin P. Mattock > > > > > > > -- > Shaz > Stephen if you can, and have the time could you help this person out with this question: Is this consistent with NIST RBAC standard to a greater extent? Never use roles in SELinux because thought it was just grouping of users. Justin P. Mattock -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. From mboxrd@z Thu Jan 1 00:00:00 1970 Subject: Re: RBAC with SELinux MCS From: Stephen Smalley To: Shaz Cc: selinux In-Reply-To: <7b740b700906302215n2a6eb4f3y8e2e15419af33191@mail.gmail.com> References: <7b740b700906302215n2a6eb4f3y8e2e15419af33191@mail.gmail.com> Content-Type: text/plain Date: Wed, 01 Jul 2009 10:03:53 -0400 Message-Id: <1246457033.13464.158.camel@moss-pluto.epoch.ncsc.mil> Mime-Version: 1.0 Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov On Wed, 2009-07-01 at 11:15 +0600, Shaz wrote: > Dear list, > > I was studying some earlier work on RBAC and came across Kuhn98 [1], > which says that RBAC can be implemented if some interface function is > used to map privilege sets of RBAC with MCS. James Moris blog article > on MCS [2] states that MCS is just dicretionary like DAC if > hierarchies like of MLS levels are not used. It might be because of > the implementation of current LSPP on Linux distros. So my question is > that can RBAC be used with SELinux if the mapping function is > provided? > > Some further literature or existing work being pointed out will be > appreciated. > > Thank you. > > [1] > http://csrc.nist.gov/groups/SNS/rbac/documents/design_implementation/kuhn-98.pdf > [2] http://james-morris.livejournal.com/5583.html SELinux implements its own RBAC model, described here: http://www.nsa.gov/research/_files/selinux/papers/policy2/x86.shtml By coupling RBAC with TE (which is a mandatory scheme), we can directly bind roles to processes and enforce RBAC restrictions at the operating system level. We also address some of the limitations of traditional RBAC through TE. RBAC and MCS don't have anything to do with each other. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.