We have successfully built NSA SELinux for OpenMoko FreeRunner with support for policy 19-23 using kernel-2.6.24. Most of it was cross compilation and understanding of the kernel and userspace infrastructure of SELinux.
The policy is now being developed further to suite our solutions in permissive mode....
Archive by category 'SELinux'
Posted tutorial on my blog. See here: Writing a basic SELinux LPM
[These are comments to the paper titled, "From Trusted to Secure: Building and Executing Applications That Enforce System Security" available at USENIX ATC'07.]
The paper deals with the issue of differences between security enforcement on the operating system level and within applications. It describes...
After the comparison of trendy MAC enhancements, I have been figuring out the general needs of a network for MAC. We have three places where MAC can and is enforced:
In Application: Where flow control of application is controled by labeling the data of the application. Current research is limited to...
I have come across some talks about enabling selinux to achieve resource utilization using rbac. This sounds as a good research area. Do we have anyone to handle this.
here are links…
http://www.linux.com/articles/59932
http://www.bastille-linux.org/
http://mimirsecure.blogspot.com/
http://www.osnews.com/subthread.php?news_id=15784&comment_id=160864
http://www.linux.com/articles/58789
plz each link very closely…some detail are very hiiden…needs...
I have been throught the architecture of loadable policy module. Its really nice. Now I am understanding to handle it and write policies accordingly. I am going through 2005 nsa technical document containing configuration of selinux policies. I hope it helps.
Currently I need to know where the text...
Salams, today we had a comprehensive talk about selinux, trusted computing and formal methods. It was a good get together and we need to have these on regular bases.
Secondly, Mr. MMA discussed his experiance related to IMA usage side by side with selinux. He will share his experiance with us. This will...
As soon as I am over with Recluze, I am going to start working with IPSec and SELinux now that my literature survey is complete (I think so). Next I plan to get some help from MR. MMA to let me in on his findings regarding how to stack IMA on SELinux.
I personally think using TPM’s PCR will be...
This is what I had in mind! -> Network Policy Management But there is still lots of room for work! . This is especially for Mr. MMA.