Advertisment

Enhancing Security in Linux

author-image
CIOL Bureau
Updated On
New Update

Though Linux is regarded as a very secure OS, its security is not military
grade. To create a very secure OS, the NSA (National Security Agency,a part of
US Department of Defense) and SCC (Secure Computing Corporation) designed an OS
security architecture in 1992-93. This was gradually adopted into an OS
prototype called Fluke. Its objective was to provide flexible support for
different security policies over the traditional Unix security architecture.
Another team from the University of Utah, called the Utah Flex team, also joined
the Fluke project and the final outcome was Flask, which is a security-enhanced
version of the Fluke OS. It is this Flask architecture that is now being
implemented in Linux and is called SE Linux (Security Enhanced Linux). With this
move, the technology has been transferred to the Linux community of developers
and users. NSA expects that SE Linux will be a trusted OS when combined with
other levels of security and reliabilities, such as auditing and documentation. 

Advertisment
Direct
Hit!
Applies
to:
Security and network administrators
USP:
Install an additional security layer on your Linux server
Links:
www.nsa.gov/selinux,
www.cs.utah.edu/flux/fluke/html/index.html 

Now let's see how SE Linux works. To understand this let's consider a
scenario. Say, you have a Linux server with lots of confidential data and to
secure it you have given data access only to the root user. However, this
machine also has regular users logging in using Telnet to access their data. Now
suppose, one of the users manages to get hold of the root password, and gains
root privileges running the su command after logging in through Telnet. All your
machine's security is gone!

With SE Linux, users get another layer of security through ACLs (Access
Control Lists) and a new concept, which identifies users by security contexts.
So when you Telnet into the Linux box, you have to first provide a user name and
password. Then, if you need root access, you 'su' from the Telnet terminal. In
regular Linux, you'll be given access with root privileges.

Advertisment
Must
Know Terms For Se Linux

Identity:
Identity is somewhat like traditional Unix UID. In
case of SE Linux, even if you 'su' to another user, then
also the UID changes, but it is not necessary that the
ID will also change. It depends on your role, which will
allow the ID to either change or not. 



Context=seuser:user_r:user_t



Domain:
Every process needs a domain to run. A
domain determines the actions, which are allowed by a
process. And when a user ID is added, it defines the
space of operation for you.



Context=seuser:user_r:user_t



Type:
A type is assigned to any object and it
determines who gets to access that particular object.
The definition for domain is also somewhat the same, but
the difference is that a domain applies to a process
and, a type applies to objects such as directories and
files.

Role: The role defines the domains, which you can
enter and use, so if a role is not authorized to enter a
domain you won't be able to run the processes in that
domain. 



Context=seuser:user_r:user_t



The words in bold in the above examples are the ID,
Domain and Role respectively.

However, with SE Linux, even if you 'su' as root, you will still have the
same security context as used when logging into the Telnet session. You will not
be able to access anything you aren't authorized for. This is achieved by
implementing some policies and roles over the standard user-level security of
Linux. Let's see how to install SE Linux and define these roles and policies for
users. 

SE Linux is now available for Linux distros, such as Fedora, Gentoo and
Debian. We used Fedora Core 2 since it comes with SE Linux built-in. It's not
too difficult to install FC 2 with SE Linux. Place the first FC 2 CD in the
drive and boot from it. At the Installation Boot prompt, type 'selinux' and
press Enter. This will start the installation with SE Linux. When we did a 'full
installation' of, SE Linux installed without any problems. However, when we did
a 'workstation' install, the SE Linux policy source didn't install. This is very
important for creating your own policies. So, if you do a 'custom' install, then
look for a folder '/etc/security/selinux/src'. If it's not there, then the SE
Linux policy source hasn't been installed. You will then need to install the
'policy-source' rpm from the second FC 2 CD. 

Advertisment

After the installation run the 'id' command from a terminal window. This will
give the following output.

context=root:sysadm_r:sysadm_t

Here, the user ID is 'root', 'sysadm_r' is the role assigned to you and 'sysadm_t'
is the domain on which you will be able to run any process (for these terms read
the box). Depending on your need you can have more than one role and domain
combination. For instance, you can configure a user to be in sysadm_t domain
when logged on locally, but when he logs on over SSH, he will only be able to
get into the user_t domain.

Advertisment

To create new users and policies, create a new user, say 'seuser', who will
be a member of the 'users' group and assign a password to him as: 

#useradd -c “SE Linux user” -m -g users
seuser

#passwd user

Now you have to assign a role to this user. For this open the file
called/etc/security/selinux/src/policies/users using a text editor, scroll down
to the bottom and add the following line.

Advertisment

'user seuser roles { user_r };' 

Now the user configurations are set, but the profile is not created. So run 

#make -C/etc/security/selinux/src/ policy
load

Advertisment

This will compile, create and load your modified policies. To check whether
it's working, re-login as 'seuser' and type 'id' from a terminal window. It
should show something like this:

context:seuser:user_r_user_t

Now, you have successfully created a new user and assigned it a proper role.
Next month, we will see how you can create you own roles and domains.

Advertisment

Sourced from: PCQuest

tech-news