mandatory-access-control – Page 2

Mandatory access control vs Discretionary access control

Posted on November 9, 2019 by Sachin Yadav

I have referred this answer but I couldn’t understand it properly.

I know that

Mandatory access control (MAC) is a system-controlled policy
restricting access to resource objects (such as data files, devices,
systems… Continue reading Mandatory access control vs Discretionary access control→

Why is linux filesystem considered DAC and not MAC

Posted on December 5, 2018 by user134167

Citing wikipedia’s MAC article:

With mandatory access control, this security policy is centrally
controlled by a security policy administrator; users do not have the
ability to override the policy and, for example, grant access to … Continue reading Why is linux filesystem considered DAC and not MAC→

Matrix to Multi-level security

Posted on September 28, 2018 by Wei Wen

How to convert access control matrix to Bell-LaPadula.
Can teach me step by step

Continue reading Matrix to Multi-level security→

what is the step for converting Bell-LaPadula Model lattice using Access Control Matrix

Posted on September 27, 2018 by Wei Wen

O1 O2 O3 O4
S1 w r w rw
S2 rw r
S3 w w r
S4 w w w r
S5 rw rw r

Gener… Continue reading what is the step for converting Bell-LaPadula Model lattice using Access Control Matrix→

How does one grant access to directories with SELinux’s sandbox utility? [migrated]

Posted on June 30, 2018 by user1992

I’m trying to run Tor Browser Bundle within an SELinux sandbox. I tried to do the following, after looking at man sandbox:

[redacted@localhost ~]$ sandbox -X -H sehome -T tmp -I /run/user/1000/dbus-1/* -t sandbox_web_t ~/Dow… Continue reading How does one grant access to directories with SELinux’s sandbox utility? [migrated]→

Can a badly configured AppArmor profile reduce security?

Posted on April 24, 2018 by reed

Can a badly or even maliciously configured AppArmor profile reduce security, or can it only improve it? I read that apparently AppArmor cannot override unix file permissions, so it shouldn’t give a user more read-write-execut… Continue reading Can a badly configured AppArmor profile reduce security?→

What are the security risks of running a daemon as root even though SELinux is enforcing?

Posted on April 22, 2018 by sob

On an board running Linux I see a daemon and an utility run under root when started. The SELinux is enforcing for this system.

Are there any potential threats of running as root, even if the SELinux policies are quite well written and str… Continue reading What are the security risks of running a daemon as root even though SELinux is enforcing?→

The Access control Matrix weakness

Posted on April 19, 2018 by Nick

I know it’s not the proper place to ask this kind of questions. However I really need to understand the weakness of this policy of this access control matrix and how the user S3 can read the file.txt.

———————–… Continue reading The Access control Matrix weakness→

Question about compare Bell-LaPadula and Biba models with Chinese wall policy

Posted on March 17, 2018 by belle

what the Chinese wall models try to achieve and how it differ from or improve upon the Bell-LaPadula and Biba models

Continue reading Question about compare Bell-LaPadula and Biba models with Chinese wall policy→

Can too restrictive Linux MAC policy decrease security?

Posted on March 6, 2018 by tegoo

Can too restrictive MAC profile (e.x. AppArmor profile) decrease application security?

For example: could it be that too restrictive environment for web browser will protect host system very well while disabling some internal browser sec… Continue reading Can too restrictive Linux MAC policy decrease security?→