Re: SELinux talk

On Tue, May 12, 2015 at 05:12:01PM +0200, Dominick Grift wrote:
> Here is one I somehow find compelling:
> 
> Centralized governed (MAC) versus De-centralized governed (DAC) security
> 
> Back in the days of 1997 the privilege of computer environments was pretty much limited to academic use.
> 
> I think there was a philosophy of trust. We're all academics, we know what we do and we're all good (we don't make mistakes)
> 
> (Some still believe in that)
> 
> To others, things changed since then.
> 
> Computer environments are no longer limited to academics and everyone and their mother are now wielding a computer with a 100 mbit+ uplink to the rest of the connected world.
> 
> Also we're now pretty much all connected. That means that we can in theory now all affect each other's experience.
> 
> For example some could in theory send your site into a black hole by packeting it to death.
> (some user with access to your system may decide to use your assets to ruin the fun for someone else on the network by udp flooding or whatever) 
> 
> Also these days the stakes are much higher in general (some businesses depend for their livelihood on computer environment)
> 
> Those three changes are basically a pretty compelling reason to calibrate the security model to the new requirements and threats.
> 
> SELinux and MAC in general, allows the owner of a computer system or environment to take control back into his own hands by overriding traditional DAC
> 
> SELinux enables one to not necessarily trust individual processes and/or users on a system. It allows owners to enforce what
> individual processes and users can do thereby enforcing integrity
> 
> Some other advantages of SELinux over other MAC systems are that SELinux is customizable, flexible and allows for finer-grained access control.
> 

After this I will stop my ramble :)

Basically I would argue that DAC == trust, versus MAC == trust but verify

Also the above explanation focusses a bit too much on malicious intent.

But consider for example: now a lot of people write code that runs on others' systems. (consider php and your average php dev, or people like myself LOL)

So these people aren't necessarily malicious but instead maybe not as competent. You may end up with a buggy program that affects the functionality of the remainder of the system or even the network.

By enforcing what the process can do exactly one can ensure a higher level of integrity.

The SELinux type enforcement security model is used to enforce integrity
The SELinux identity based access control security model is used by SELinux to complement traditional DAC

-- 
02DFF788
4D30 903A 1CF3 B756 FB48  1514 3148 83A2 02DF F788
http://keys.gnupg.net/pks/lookup?op=vindex&search=0x314883A202DFF788
Dominick Grift
