any selinux program and architeture books

any selinux program and architeture books

[bigclouds]

[-- Attachment #1: Type: text/plain, Size: 401 bytes --]

hi,all
i have read some articales, but not comprehensive.
1. is there some articles  which introduce the architeture of selinux,
use space and kernel space architeture , and how they communicate?
i want to know every parts of selinux and how they work with each other.
 
 
2.
any articales about how to write a policy(rule,module)?
i have read some, but still have many confusion
 
thanks very much.
 

[-- Attachment #2: Type: text/html, Size: 726 bytes --]

Re: any selinux program and architeture books

[William Roberts]

[-- Attachment #1: Type: text/plain, Size: 839 bytes --]

Here is what I usually use:
http://www.freetechbooks.com/the-selinux-notebook-the-foundations-t785.html
On Jan 7, 2014 8:05 AM, "bigclouds" <bigclouds@163.com> wrote:

> hi,all
> i have read some articales, but not comprehensive.
> 1. is there some articles  which introduce the architeture of selinux,
> use space and kernel space architeture , and how they communicate?
> i want to know every parts of selinux and how they work with each other.
>
>
> 2.
> any articales about how to write a policy(rule,module)?
> i have read some, but still have many confusion
>
> thanks very much.
>
>
>
>
> _______________________________________________
> Selinux mailing list
> Selinux@tycho.nsa.gov
> To unsubscribe, send email to Selinux-leave@tycho.nsa.gov.
> To get help, send an email containing "help" to
> Selinux-request@tycho.nsa.gov.
>
>

[-- Attachment #2: Type: text/html, Size: 1585 bytes --]

Re: any selinux program and architeture books

[Kernel freak]

[-- Attachment #1: Type: text/plain, Size: 1077 bytes --]

On Tue, Jan 7, 2014 at 5:02 PM, bigclouds <bigclouds@163.com> wrote:

> hi,all
> i have read some articales, but not comprehensive.
> 1. is there some articles  which introduce the architeture of selinux,
> use space and kernel space architeture , and how they communicate?
> i want to know every parts of selinux and how they work with each other.
>
I would recommend SELinux by example. It's an old book, but really nice to
understand SELinux. Some knowledge of Linux system is beneficial before
reading.

>
>
> 2.
> any articales about how to write a policy(rule,module)?
> i have read some, but still have many confusion
>
The above book surely should help. Download the policies and read it. Try
to tinker around in permissive mode, read the audit data. I believe that is
a good start. Have fun.

>
> thanks very much.
>
>
>
>
> _______________________________________________
> Selinux mailing list
> Selinux@tycho.nsa.gov
> To unsubscribe, send email to Selinux-leave@tycho.nsa.gov.
> To get help, send an email containing "help" to
> Selinux-request@tycho.nsa.gov.
>
>

[-- Attachment #2: Type: text/html, Size: 2188 bytes --]

Re: any selinux program and architeture books

[Matthew Thode]

Kernel freak <kernelfreak@gmail.com> wrote:
>On Tue, Jan 7, 2014 at 5:02 PM, bigclouds <bigclouds@163.com> wrote:
>
>> hi,all
>> i have read some articales, but not comprehensive.
>> 1. is there some articles  which introduce the architeture of
>selinux,
>> use space and kernel space architeture , and how they communicate?
>> i want to know every parts of selinux and how they work with each
>other.
>>
>I would recommend SELinux by example. It's an old book, but really nice
>to
>understand SELinux. Some knowledge of Linux system is beneficial before
>reading.
>
>>
>>
>> 2.
>> any articales about how to write a policy(rule,module)?
>> i have read some, but still have many confusion
>>
>The above book surely should help. Download the policies and read it.
>Try
>to tinker around in permissive mode, read the audit data. I believe
>that is
>a good start. Have fun.
>
>>
>> thanks very much.
>>
>>
>>
>>
>> _______________________________________________
>> Selinux mailing list
>> Selinux@tycho.nsa.gov
>> To unsubscribe, send email to Selinux-leave@tycho.nsa.gov.
>> To get help, send an email containing "help" to
>> Selinux-request@tycho.nsa.gov.
>>
>>
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Selinux mailing list
>Selinux@tycho.nsa.gov
>To unsubscribe, send email to Selinux-leave@tycho.nsa.gov.
>To get help, send an email containing "help" to
>Selinux-request@tycho.nsa.gov.

I liked Sven's book. He has some of the best  documentation that I've seen.  It was recently published so it is up to date as well.

http://www.amazon.com/gp/aw/d/1783283173/
-- Matthew Thode

Re: any selinux program and architeture books

[Daniel J Walsh]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/07/2014 12:07 PM, Matthew Thode wrote:
> Kernel freak <kernelfreak@gmail.com> wrote:
>> On Tue, Jan 7, 2014 at 5:02 PM, bigclouds <bigclouds@163.com> wrote:
>> 
>>> hi,all i have read some articales, but not comprehensive. 1. is there
>>> some articles  which introduce the architeture of
>> selinux,
>>> use space and kernel space architeture , and how they communicate? i
>>> want to know every parts of selinux and how they work with each
>> other.
>>> 
>> I would recommend SELinux by example. It's an old book, but really nice 
>> to understand SELinux. Some knowledge of Linux system is beneficial
>> before reading.
>> 
>>> 
>>> 
>>> 2. any articales about how to write a policy(rule,module)? i have read
>>> some, but still have many confusion
>>> 
>> The above book surely should help. Download the policies and read it. 
>> Try to tinker around in permissive mode, read the audit data. I believe 
>> that is a good start. Have fun.
>> 
>>> 
>>> thanks very much.
>>> 
>>> 
>>> 
>>> 
>>> _______________________________________________ Selinux mailing list 
>>> Selinux@tycho.nsa.gov To unsubscribe, send email to
>>> Selinux-leave@tycho.nsa.gov. To get help, send an email containing
>>> "help" to Selinux-request@tycho.nsa.gov.
>>> 
>>> 
>> 
>> 
>> ------------------------------------------------------------------------
>> 
>> _______________________________________________ Selinux mailing list 
>> Selinux@tycho.nsa.gov To unsubscribe, send email to
>> Selinux-leave@tycho.nsa.gov. To get help, send an email containing "help"
>> to Selinux-request@tycho.nsa.gov.
> 
> I liked Sven's book. He has some of the best  documentation that I've seen.
> It was recently published so it is up to date as well.
> 
> http://www.amazon.com/gp/aw/d/1783283173/ -- Matthew Thode
> 
> _______________________________________________ Selinux mailing list 
> Selinux@tycho.nsa.gov To unsubscribe, send email to
> Selinux-leave@tycho.nsa.gov. To get help, send an email containing "help"
> to Selinux-request@tycho.nsa.gov.
> 
I didn't know this was published.  Just tweeted it out.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlLMSvkACgkQrlYvE4MpobP8UACg5aWJDAZvi2vDuKxIvos4jYqF
xK0AnjOtJowoKqWMXe62dCJ07KN/uztV
=SeDu
-----END PGP SIGNATURE-----

Re: any selinux program and architeture books

[Richard Haines]

Regarding the SELinux Notebook - I'm about to start the fourth edition for publication in about 4 - 6 months.
If anyone has any suggestions for improvement or additions please let me know and I'll see what
I can do. But please note its about SELinux components and how they hang together not
administration or how to write policy.
 
My current todo list is:
Multiple LSM support (as it may be all done by then)
Openswan/Libreswan config for labelled networking
Update CIL as it has changed and hopefully mainstream soon.
Update Android as many changes (but will probably be obsolete by publication !!)
General cleanup and add any new features found.
 
Richard

>________________________________
> From: William Roberts <bill.c.roberts@gmail.com>
>To: bigclouds <bigclouds@163.com> 
>Cc: "selinux@tycho nsa. gov" <selinux@tycho.nsa.gov> 
>Sent: Tuesday, 7 January 2014, 16:19
>Subject: Re: any selinux program and architeture books
>  
>
>
>Here is what I usually use:
>http://www.freetechbooks.com/the-selinux-notebook-the-foundations-t785.html
>On Jan 7, 2014 8:05 AM, "bigclouds" <bigclouds@163.com> wrote:
>
>hi,all
>>i have read some articales, but not comprehensive.
>>1. is there some articles  which introduce the architeture of selinux,  
>>use space and kernel space architeture , and how they communicate?
>>i want to know every parts of selinux and how they work with each other.
>>
>>
>>2.
>>any articales about how to write a policy(rule,module)? 
>>i have read some, but still have many confusion
>>
>>thanks very much.
>>
>>
>>
>>_______________________________________________
>>Selinux mailing list
>>Selinux@tycho.nsa.gov
>>To unsubscribe, send email to Selinux-leave@tycho.nsa.gov.
>>To get help, send an email containing "help" to Selinux-request@tycho.nsa.gov.
>>
>> 
>_______________________________________________
>Selinux mailing list
>Selinux@tycho.nsa.gov
>To unsubscribe, send email to Selinux-leave@tycho.nsa.gov.
>To get help, send an email containing "help" to Selinux-request@tycho.nsa.gov.
>
>
>