0sec07 - 0.7
0sec 2007
| Speakers | |
|---|---|
|
Robert E. Lee |
| Schedule | |
|---|---|
| Day | 3 |
| Room | Talk |
| Start time | 14:00 |
| Duration | 01:00 |
| Info | |
| ID | 10 |
| Event type | Lecture |
| Track | Talks |
| Language | English |
SELinux
an Introduction to MAC and DTe
To quote a now (in)famous security researcher "0-day can happen to anyone". While to a certain degree this may be true, SELinux with a well thought out policy can greatly limit the impact of an attack.
This talk will contrast high level differences between Discretionary and Mandatory Access Control. It will also introduce the concepts of Domain and Type Enforcement (specifically SELinux's TE implementation). It will conclude with a demonstration of Type Enforcement protecting a system from an application/user-land attack