Complete.Org: Mailing Lists: Archives: discussion: October 2001:
[aclug-L] FW: Decentralizing system authority

[aclug-L] FW: Decentralizing system authority

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: "Aclug Discussion" <discussion@xxxxxxxxx>
Subject: [aclug-L] FW: Decentralizing system authority
From: "Dale W Hodge" <dwh@xxxxxxxxxxxxxxxx>
Date: Tue, 23 Oct 2001 15:38:18 -0500
Reply-to: discussion@xxxxxxxxx

LINUX SECURITY --- October 23, 2001
Published by -- changing the way you view IT


* The NSA's updated version of SELinux, though being fully functional,
  is more an example of MAC-based security than a secure operating

Mandatory Access Control: Silver Bullet or Kafkaesque Nightmare?, Part 2
By Jamie Reid

Enter SELinux
A couple of months ago, the NSA released an updated version of its
Security Enhanced Linux (SELinux) -- a joint effort between the NSA,
Network Associates, and Secure Computing. Unfortunately, the NSA did
not fix or publish any new vulnerabilities or the new class of
vulnerabilities they had been sitting on. When I heard the NSA was
publishing a Linux distribution, my first instinct was to run diffs
against the sources to see what they had "fixed". Alas, it's not that
kind of distribution.

SELinux ( developed as an example to the
Linux community of how a MAC-based system would operate. The fully
functional and freely distributed SE module seems to be an NSA attempt
to harness the strength of the open source communities and direct it
towards developing more secure systems. SELinux's documentation states
that it allows for the protection of raw data on the system, the
integrity of the kernel and system software, confining potential damage
if a process is compromised, and prevents malicious code from being
run, specifically if it is at a privileged level. It enforces the
separation of duties necessary to ensure the containment of a

SELinux is a series of modified system utilities and system calls that
currently only run under Red Hat. The developers make no guarantees as
to the system's actual security with the security modules installed, as
it is to serve as more of an example of how a system like this should
work. Also, the security of the system is only as strong as the policy
it enforces, so SELinux is by no means a turnkey security solution.

Is business ready for MAC? Is MAC ready for business?
MAC enforces a "separation of duties", which places less emphasis on a
single point of authority or all powerful 'root' account. Because the
access control information is relative to each file or object on the
system, the authority to do things on the system is significantly

Though a product of a radically different culture than that of the
business world, this methodology could benefit businesses by
incorporating some of the MAC principles that were developed in an
environment where the secrecy and integrity of the data was as
important as its availability, if not more so. The data's value was in
its secrecy so, if information was exposed, then you couldn't just make
it secret again by restoring it from a backup.

Information's value in the business world is geared more towards the
availability end of the spectrum. Web sites must get served, reports
must be delivered, and news must be distributed. If confidentiality is
compromised, then recourse moves to the courts.

>From a confidentiality and integrity perspective, MAC is an excellent
model. However, it may require multiple sign-offs, which requires more
resources, making it cumbersome from an availability perspective. This
is not just about computational resources, but business processes.
Imagine having to get  multiple sign-offs for access to a single, and
seemingly insignificant, piece of information.

Think of it as a dictator vs. a bureaucracy. The dictator will get
things done quickly and efficiently, with a higher probability of
failure due to the lack of checks and balances in the decision making
process; whereas the bureaucracy can pretty much guarantee it will get
done, with the paper trail to prove it, just don't ask when.


About the author(s)
Jamie Reid is a Network Security Consultant in Toronto. He can be
reached at jreid@xxxxxxxxxx.


NSA Security-Enhanced Linux

Security-Enhanced Linux

PGP working with NSA on SELinux

NSA Releases Updated SELinux

Airtight Linux


Index of Linux Security

Web Site Security, Part I

Web site Security Part II

The Remote Access Nightmare

Corporate Security Policies


- Go to:
- Click on "View my newsletters" to log in and manage your account
- To subscribe, check the box next to the newsletter
- To unsubscribe, uncheck the box next to the newsletter
- When finished, click submit

Questions? Please e-mail customer service at: mailto:support@xxxxxxxxxxx


* Editorial: Andrew Santosusso, Newsletter Editor,
* Advertising: Clare O'Brien, Vice President of Sales,
* Recruitment advertising: Jamie Swartz, jamie_swartz@xxxxxxxxxxxxx
* Other inquiries: Jodie Naze, Senior Product Marketing Manager,


Copyright 2001, Inc., All Rights Reserved.

-- This is the discussion@xxxxxxxxx list.  To unsubscribe,

[Prev in Thread] Current Thread [Next in Thread]
  • [aclug-L] FW: Decentralizing system authority, Dale W Hodge <=