Gentoo Archives: gentoo-hardened

From: Sven Vermeulen <sven.vermeulen@××××××.be>
To: gentoo-hardened@l.g.o
Subject: [gentoo-hardened] SELinux policy rules principles?
Date: Sun, 16 Jan 2011 16:02:47
Message-Id: 20110116150950.GA17577@siphos.be
1 Hi all,
2
3 When writing security policies, it is important to first have a vision on
4 how the security policies should be made. Of course, final vision should be
5 with a systems' security administrator, but a distribution should give a
6 first start for this.
7
8 For the time being, Gentoo Hardened's policies are based upon the reference
9 policy's implementation, but I can imagine that this will evolve further.
10 The moment however we start adding policies ourselves (outside simple
11 patching of the reference policy's implementation) we need to have some
12 rules on what or how our rules should be made.
13
14 One first principle that we might need to discuss about is what we want to
15 allow in our policy. Do we want to allow all normal behavior (i.e. you use
16 an application or server the way it is meant to and we make sure no denials
17 are generated for this) but shield off abnormal behavior as much as possible
18 (by rightly aligning domains and types)? Or do we want to allow just enough
19 so that the applications function properly during regular operations,
20 causing various denials to be in place still?
21
22 And if we would opt for the latter, do we want to dontaudit those denials to
23 keep the logging clean, or do we then expect the administrator to manage his
24 own dontaudits?
25
26 Wkr,
27 Sven Vermeulen

Replies

Subject Author
Re: [gentoo-hardened] SELinux policy rules principles? Chris Richards <gizmo@×××××××××.com>