Chapter 6. Tools for Manipulating and Analyzing SELinux
Each rule is marked [enabled] or [disabled], which shows the current state of that conditional in the policy. Changing a value in the Booleans tab within the Policy Components tab is reflected in the Conditional Expressions Display when you run your search again. This is another way of analyzing the consequences of toggling a Boolean value entirely within apol: the change applies only to the copy of the policy that apol has loaded, not to the running system, so use setsebool when you actually want to change the Boolean on the host.
The last tab under the Policy Rules tab is the RBAC Rules tab. In practice you only use the Allow choice, because role transitions are deprecated. The Transition selection is only useful for analyzing roles in older versions of the SELinux policy, which do not appear in Red Hat Enterprise Linux. The Default Role menu is disabled because it is used only in the deprecated role_transition analysis.
To search, set a Source Role, as either source or any if you want to match it in both positions of a role allow rule. Then set a Target Role value. The search result shows whether the source role may assume the target role.
6.3.3. Domain Transition Analysis
Domain transition is one important aspect of TE. Because the domain a process runs in determines what it may do to every other type, strict control over which domains can transition to which other domains is essential to SELinux security.
Domain transition is analyzed from two directions, forward and reverse. In a forward analysis, you select a source type and search for all target types it can transition to, refining the results with search parameters if you wish. In a reverse analysis, you select a target type and discover all the source types that can transition to it.
For a domain transition to occur, there must be three particular allow rules. These rules control the source domain that is attempting to transition to the target domain. One rule permits the process transition itself (the transition permission on the process class), a second rule allows the source to execute the entry point executable for the target domain (the execute permission on the file), and the third rule allows the target domain itself to use that executable as an entry point (the entrypoint permission on the same file). If any of the three is missing, the transition is denied even if the other two exist. A type_transition rule additionally makes the transition happen automatically on exec; without one, the three allow rules only permit a transition that the caller requests explicitly.
Domain transition analysis with apol centers around identifying these three rules. In some cases, more than one appropriate rule is found. The extensive help file, /usr/share/doc/setools-<version>/dta_help.txt, is useful in explaining this analysis.
6.3.4. Direct and Transitive Information Flow
Information flow analysis is a central and challenging part of analyzing an SELinux policy, and it may reveal unexpected or dangerous information flows. For example, if you want to be sure that the content of your /home/ directories (user_home_dir_t) flows into the httpd_t domain only in the way you configured, apol searches the policy to reveal all the ways information can flow between the two types, direct flows in either direction first and, in transitive mode, flows through intermediate types. This search is shown in Figure 6-8:
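As an added example covering both the three-rule domain transition check of Section 6.3.3 and the direct flow question between user_home_dir_t and httpd_t in Section 6.3.4, the following Python script, which is not part of this guide or of setools, parses a constructed policy fragment and runs a toy version of each analysis. The policy lines, the extra type names (passwd_t, passwd_exec_t, httpd_exec_t, user_home_t), and the tiny permission map are assumptions made for the illustration; apol's real policy loader and permission map are far more complete.

```python
"""Toy versions of two apol analyses (domain transition, direct information
flow) over a constructed policy fragment.  Added example, not setools/apol
code; the rules, types and permission map are made up for illustration."""
import re
from collections import namedtuple

Allow = namedtuple("Allow", "src tgt cls perms")
TypeTrans = namedtuple("TypeTrans", "src tgt cls default")

# Constructed policy fragment (not from any real policy).  user_t -> passwd_t
# has all three rules plus a type_transition; user_t -> httpd_t lacks the
# entrypoint rule, so the analysis must not report it.
POLICY = """
allow user_t passwd_t : process transition;
allow user_t passwd_exec_t : file { read getattr execute };
allow passwd_t passwd_exec_t : file entrypoint;
type_transition user_t passwd_exec_t : process passwd_t;
allow user_t httpd_t : process transition;
allow user_t httpd_exec_t : file { read execute };
allow httpd_t user_home_dir_t : dir { read getattr search };
allow httpd_t user_home_t : file { read getattr };
allow user_t user_home_dir_t : dir { read write add_name };
"""

_ALLOW = re.compile(r"^allow\s+(\w+)\s+(\w+)\s*:\s*(\w+)\s+(\{[^}]*\}|\w+)\s*;")
_TT = re.compile(r"^type_transition\s+(\w+)\s+(\w+)\s*:\s*(\w+)\s+(\w+)\s*;")

def parse(text):
    """Collect allow and type_transition rules; other statements are ignored."""
    allows, trans = [], []
    for line in text.splitlines():
        m = _ALLOW.match(line.strip())
        if m:
            perms = frozenset(m.group(4).strip("{} ").split())
            allows.append(Allow(m.group(1), m.group(2), m.group(3), perms))
            continue
        m = _TT.match(line.strip())
        if m:
            trans.append(TypeTrans(*m.groups()))
    return allows, trans

def _has(allows, src, tgt, cls, perm):
    return any(a.src == src and a.tgt == tgt and a.cls == cls and perm in a.perms
               for a in allows)

def domain_transitions(allows, trans, source=None, target=None):
    """Forward analysis (fix source) or reverse analysis (fix target).

    A transition is reported only when all three rules exist: process:transition
    from source to target, file:execute from source on the entry point, and
    file:entrypoint from target on that file.  The last field says whether a
    type_transition rule makes it automatic; otherwise the caller has to ask
    for the new domain explicitly (for example with runcon).
    """
    found = []
    for a in allows:
        if a.cls != "process" or "transition" not in a.perms:
            continue
        if (source is not None and a.src != source) or \
           (target is not None and a.tgt != target):
            continue
        for e in allows:
            if (e.cls == "file" and "entrypoint" in e.perms and e.src == a.tgt
                    and _has(allows, a.src, e.tgt, "file", "execute")):
                auto = TypeTrans(a.src, e.tgt, "process", a.tgt) in trans
                found.append((a.src, a.tgt, e.tgt, auto))
    return found

# Constructed permission map (apol loads a much larger one from a file):
# "read" means the subject learns about the object, "write" the reverse.
PERM_MAP = {
    ("file", "read"): "read", ("file", "getattr"): "read", ("file", "write"): "write",
    ("dir", "read"): "read", ("dir", "getattr"): "read", ("dir", "search"): "read",
    ("dir", "write"): "write", ("dir", "add_name"): "write",
}

def direct_flows(allows, type_a, type_b):
    """Direct information flows between two types, in either direction.

    Each result is (from_type, to_type, class, permission).  A read-like
    permission moves data from object to subject, a write-like permission
    from subject to object; permissions missing from the map carry no flow.
    """
    flows = set()
    for r in allows:
        if {r.src, r.tgt} != {type_a, type_b}:
            continue
        for p in r.perms:
            direction = PERM_MAP.get((r.cls, p))
            if direction == "read":
                flows.add((r.tgt, r.src, r.cls, p))
            elif direction == "write":
                flows.add((r.src, r.tgt, r.cls, p))
    return sorted(flows)

if __name__ == "__main__":
    allows, trans = parse(POLICY)
    print("forward from user_t:", domain_transitions(allows, trans, source="user_t"))
    print("reverse to passwd_t:", domain_transitions(allows, trans, target="passwd_t"))
    for f in direct_flows(allows, "user_home_dir_t", "httpd_t"):
        print("flow %s -> %s via %s:%s" % f)
```

Run as a script, the forward and reverse queries both report the single complete transition user_t to passwd_t via passwd_exec_t, marked automatic because of the type_transition rule, and omit user_t to httpd_t because the entrypoint rule is missing; the flow query lists three dir permissions that move data from user_home_dir_t into httpd_t and nothing in the other direction, which is exactly the kind of answer the apol search in Figure 6-8 gives for the two types.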