SELinux Permission Documentation

Sat Jun 9 00:34:49 UTC 2007

Stephen Smalley wrote:
> On Tue, 2007-06-05 at 11:59 -0700, Ken wrote:
>> Ken wrote:
>>> What can be sent and received as rawip to and from kernel_t, and what 
>>> are the limitations of what can be done with the data?  I am interested 
>>> in understanding the security implications of this (and other) SELinux 
>>> permissions.  Is there anyone who can direct me to reference materials 
>>> that explain the security implications of allowing various SELinux 
>>> permissions?
>>>
>> Update:
>> It appears that allowing rawip did not fix the problem, but that it was 
>> only a coincidence that the site worked for me after making the change; 
>> so understanding this permission is now less important to me.
>>
>>
>> I am assuming that since no one answered any of my emails regarding 
>> permission documentation that there is none.  With this this in mind, I 
>> have a suggestion for those who have a good understanding of SELinux: 
>> Please create documentation that will allow an individual to research 
>> and understand the security implications of various permissions without 
>> the need for taking the time to gain an extensive knowledge of the LSM 
>> and SELinux.  This would be very helpful to me (and I am sure to many 
>> other people as well) since I only want to learn what I need to in order 
>> to secure my system, and having a source of information would eliminate 
>> the need to know enough to extract the information myself.
> 
> Hi,
> 
> There are some resources available, but not quite in the form that I
> think you wanted.
> 
> 1) Reference policy documentation of its modules and interfaces
> locally viewable by running /usr/share/selinux/devel/policyhelp, or at:
> http://oss.tresys.com/docs/refpolicy/api/
> I think that this is really more suited to what you want, except that it
> is done on the higher level abstractions/interfaces of refpolicy instead
> of the individual permissions (and it needs more detail).
> 
> 2) Overview of Classes and Permissions
> http://www.tresys.com/selinux/obj_perms_help.html
> These describe the meaning of the classes and permissions, but only in
> general terms, not for specific domains/types.
> 
> 3) SELinux Policy Writing Class Slides
> http://www.tresys.com/selinux/selinux-course-outline
> (click on the slide titles to download them)
> This helps with understanding the policy constructs in general, but
> won't give much detail about individual classes/perms except for the
> specific cases covered.
> 
> 4) SELinux by Example book
> http://www.phptr.com/bookstore/product.asp?isbn=0131963694&rl=1
> This has an appendix much like the overview in (2), but like (3), I
> think most of this book is more oriented toward the policy concepts and
> constructs than the individual classes/perms.
> 
> 5) Original SELinux tech report
> http://www.nsa.gov/selinux/papers/slinux-abs.cfm
> This was the original description of the classes and permissions and
> their rationales, although there have naturally been changes over time.
> 
> 6) LSM-based SELinux tech report
> http://www.nsa.gov/selinux/papers/module-abs.cfm
> This described how the implementation changed for LSM and mapped the LSM hooks
> to SELinux permission checks, so while it can be useful in understanding
> the checks, it is too tied to the implementation to really meet your
> request.
> 
> I think we'd all agree that better end user documentation is needed.
> 

It will probably be a while before I can investigate all the material 
you have listed, but I wanted to thank you before the post became too 
old.  I have already reviewed some of the material, and at present I 
agree that it would be very helpful to have more detailed documentation 
of the basic SELinux permissions.

- Ken -