On Mon, Sep 25, 2006 at 07:24:13PM +0200, Salvo Giuffrida wrote:
> Good morning, is it possible to configure the MLS policy, using
> mlsconstraint, to enforce a Biba integrity model of security (no read down,
> no write up), instead of the Bell-LaPadula (no read up, no write down)? I'm
> reading the book "SELinux by example", and there there's written that the
> MLS facility in the Security Server is not very flexible, and allows only
> to enforce the rules "no read up, no write down". But, if I'm the one
> configuring the policy in the file "mls", shouldn't I be able to change the
> rules to the opposite?

Sure, for example the MCS policy implements "no read up, no write up", have a look at the policy/mcs file in the serefpolicy distribution. If you need more help please try the SELinux mailing list.

I think an interesting extension would be to split up the category bits into MLS, MCS, and MIC (integrity) sets, so that you could use all the models within a single policy. Something like the following maybe (this doesn't work currently)?

    mlsconstrain file write (((l1 & mls_cats) dom (l2 & mls_cats)) and ((h1 & mcs_cats) dom (h2 & mcs_cats)) and ((l1 & mic_cats) domby (l2 & mic_cats)));

    mlsconstrain file read (((l1 & mls_cats) eq (l2 & mls_cats)) and ((h1 & mcs_cats) dom (h2 & mcs_cats)) and ((l1 & mic_cats) dom (l2 & mic_cats)))

-Klaus
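The question in this thread comes down to which direction of the dom/domby relation a constraint demands between the subject level (l1) and the object level (l2). The following is an added example, not part of the original messages and not SELinux code: a small Python model of level dominance that evaluates the Bell-LaPadula and Biba read/write rules side by side. The names Level, MODELS, allowed, SUBJECT and OBJECTS, and all sample levels, are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Level:
    sens: int                      # sensitivity number, e.g. 1 for s1
    cats: frozenset = frozenset()  # category set, e.g. {"c1", "c2"}

def dom(a, b):
    """a dominates b: sensitivity at least as high and categories a superset."""
    return a.sens >= b.sens and a.cats >= b.cats

def domby(a, b):
    """a is dominated by b."""
    return dom(b, a)

# Each model as a relation that must hold between l1 (subject) and l2 (object).
# For Biba the levels are read as integrity levels rather than secrecy levels.
MODELS = {
    "blp":  {"read": dom,   "write": domby},  # no read up, no write down
    "biba": {"read": domby, "write": dom},    # no read down, no write up
}

def allowed(model, perm, l1, l2):
    """Evaluate one constraint: may a subject at l1 do perm on an object at l2?"""
    return MODELS[model][perm](l1, l2)

# Constructed sample levels.
SUBJECT = Level(1, frozenset({"c1"}))
OBJECTS = {
    "lower":  Level(0),
    "equal":  Level(1, frozenset({"c1"})),
    "higher": Level(2, frozenset({"c1", "c2"})),
    "incomp": Level(1, frozenset({"c2"})),  # neither level dominates the other
}

def decision_table(subject=SUBJECT, objects=OBJECTS):
    """Map (object name, model, perm) -> bool for every combination."""
    return {(name, m, p): allowed(m, p, subject, obj)
            for name, obj in objects.items()
            for m in MODELS for p in ("read", "write")}

if __name__ == "__main__":
    for key, ok in sorted(decision_table().items()):
        print(*key, "allow" if ok else "deny")
```

Incomparable levels are denied under both models, since neither dom nor domby holds when the category sets differ in both directions.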