SELinux Cookbook

by Sven Vermeulen

Released September 2014

Publisher(s): Packt Publishing

ISBN: 9781783989669

Start your free trial

Book description

Over 70 hands-on recipes to develop fully functional policies to confine your applications and users using SELinux

In Detail

In SELinux Cookbook, we cover everything from how to build SELinux policies to the integration of the technology with other systems and look at a wide range of examples to assist in creating additional policies. The first set of recipes work around file labeling as one of the most common and important SELinux administrative aspects. Then, we move on to custom policy development, showing how this is done for web application confinement, desktop application protection, and custom server policies. Next, we shift our focus to the end user, restricting user privileges and setting up role-based access controls. After that, we redirect our focus to the integration of SELinux with Linux systems, aligning SELinux with existing security controls on a Linux system. Finally, we will learn how applications interact with the SELinux subsystem internally; ensuring that whatever the challenge, we will be able to find the best solution.

What You Will Learn

Manage resource labels and fine-tune your policies to automatically handle labeling
Gain an insight into how to tune the web server SELinux policy for secure web application hosting
Learn how to confine desktop applications through custom-built policies
Protect a server's assets by creating your own service-specific SELinux policies
Discover how to restrict users without hindering them by installing role-based access control
Troubleshoot and debug the behavior of SELinux-enabled applications