SELinux security relies on a mandatory access control model. It takes into consideration policy that is defined by the administrator.
- More knowledge and time is required for administration
- Objects on a system are abstracted in two classes, subjects and objects. Subjects are user domains and application domains. Objects are files named_pipes dirs lnk_files fifo_files etc
- Offers fine grained control of security
- Ability to restrict access from subject to objects on a lower level
- Mandatory Access Control disregards Discretionary Access Control
Abonneren op:
Reacties posten (Atom)
Geen opmerkingen:
Een reactie posten