Message-ID: <5355F720.7010605@gmail.com>
Date: Tue, 22 Apr 2014 10:29:12 +0530
From: dE
To: selinux@tycho.nsa.gov
Subject: Re: Why is SELINUXTYPE policy specific?
References: <5353BC31.3070404@gmail.com>
List-Id: "Security-Enhanced Linux \(SELinux\) mailing list"

On 04/21/14 13:31, Sven Vermeulen wrote:
> On Sun, Apr 20, 2014 at 2:23 PM, dE wrote:
>> There are 3 security models in which SELinux can work -- TE, RBAC and MLS.
>>
>> And there are 6 types of SELinux policies --
>>
>> targeted, mls, mcs, standard, strict or minimum.
>>
>> Each security model requires its own set of policies and the policies can
>> be 1 of the 6 types. So can all the 3 security models and 6 types be
>> intermixed? Won't there be conflicts like with MLS and RBAC?
> The SELINUXTYPE value should be seen as the name given to a policy
> store. The contents (the actual policy, the features it supports, the
> fact that it is MLS-enabled or not) have nothing to do with the name
> of the store per se. It is just a matter of convenience that policy
> stores are named in a particular way so that, cross-distributions,
> security administrators can deduce the type and features of the policy
> based on the name.
>
> For instance, on RHEL6, "targeted" is the name given to the policy
> store that contains an MCS policy with support for unconfined domains.
> On Gentoo, this name is rather used for non-MCS policy with support
> for unconfined domains.
>
> Afaik, there is no conflict between RBAC and MLS. With MLS, the
> SELinux subsystem allows or denies access based on the dominance rules
> between the domains' security clearance and the resource sensitivity
> level. RBAC instead allows or denies a SELinux role to be associated
> with a particular domain.
>
> Wkr,
> Sven Vermeulen

So can policies which support RBAC be made to have a different SELINUXTYPE?

Can targeted, mls, mcs, standard, strict or minimum also be considered
as different security models?

Since all these are made based on the TE model, can we make a custom
security model based on TE and give it a different SELINUXTYPE?

Thanks for the response.
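
The point in the quoted reply, that SELINUXTYPE only names a policy store and says nothing certain about MLS/MCS support, shown as an added example that is not part of the original thread. The `ROOT` prefix argument, the helper names and the two sample trees are assumptions constructed for illustration; the files read are `/etc/selinux/config` and the selinuxfs `mls` flag.

```shell
#!/bin/sh
# Added example. The first argument is a hypothetical root prefix so the
# functions can run against a constructed tree; pass "" on a live system.

# Print the SELINUXTYPE value from <root>/etc/selinux/config (last one wins).
selinuxtype_of() {
    root=$1
    sed -n 's/^[[:space:]]*SELINUXTYPE[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*$/\1/p' \
        "$root/etc/selinux/config" | tail -n 1
}

# Report the store name next to what the loaded policy actually supports.
describe_policy() {
    root=$1
    name=$(selinuxtype_of "$root")
    [ -n "$name" ] || { echo "SELINUXTYPE not set" >&2; return 1; }
    store="$root/etc/selinux/$name"
    [ -d "$store" ] || { echo "store $store missing" >&2; return 1; }
    # The selinuxfs "mls" file reads 1 when the loaded policy has MLS support
    # enabled (MCS policies use the same MLS fields), 0 otherwise.
    mls=unknown
    if [ -r "$root/sys/fs/selinux/mls" ]; then
        case $(cat "$root/sys/fs/selinux/mls") in
            1) mls=enabled ;;
            0) mls=disabled ;;
        esac
    fi
    echo "store=$name mls=$mls"
}

# Build a constructed root: make_root <dir> <store-name> <mls-flag>
make_root() {
    mkdir -p "$1/etc/selinux/$2/policy" "$1/sys/fs/selinux"
    printf '# constructed sample\nSELINUX=enforcing\nSELINUXTYPE=%s\n' "$2" \
        > "$1/etc/selinux/config"
    printf '%s' "$3" > "$1/sys/fs/selinux/mls"
}

demo() {
    tmp=$(mktemp -d)
    make_root "$tmp/a" targeted 1   # store named "targeted", MCS-style policy
    make_root "$tmp/b" targeted 0   # same name, policy without MLS/MCS
    describe_policy "$tmp/a"
    describe_policy "$tmp/b"
    rm -rf "$tmp"
}
demo
```

Both constructed roots use the store name `targeted`, yet the reported MLS status differs, which is why the flag is read from the loaded policy rather than inferred from the name.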