Enhancing Security in Linux

CIOL Bureau
Updated On
New Update

Though Linux is regarded as a very secure OS, its security is not military

grade. To create a very secure OS, the NSA (National Security Agency,a part of

US Department of Defense) and SCC (Secure Computing Corporation) designed an OS

security architecture in 1992-93. This was gradually adopted into an OS

prototype called Fluke. Its objective was to provide flexible support for

different security policies over the traditional Unix security architecture.

Another team from the University of Utah, called the Utah Flex team, also joined

the Fluke project and the final outcome was Flask, which is a security-enhanced

version of the Fluke OS. It is this Flask architecture that is now being

implemented in Linux and is called SE Linux (Security Enhanced Linux). With this

move, the technology has been transferred to the Linux community of developers

and users. NSA expects that SE Linux will be a trusted OS when combined with

other levels of security and reliabilities, such as auditing and documentation. 



Security and network administrators

Install an additional security layer on your Linux server

Now let's see how SE Linux works. To understand this let's consider a

scenario. Say, you have a Linux server with lots of confidential data and to

secure it you have given data access only to the root user. However, this

machine also has regular users logging in using Telnet to access their data. Now

suppose, one of the users manages to get hold of the root password, and gains

root privileges running the su command after logging in through Telnet. All your

machine's security is gone!

With SE Linux, users get another layer of security through ACLs (Access

Control Lists) and a new concept, which identifies users by security contexts.

So when you Telnet into the Linux box, you have to first provide a user name and

password. Then, if you need root access, you 'su' from the Telnet terminal. In

regular Linux, you'll be given access with root privileges.


Know Terms For Se Linux


Identity is somewhat like traditional Unix UID. In

case of SE Linux, even if you 'su' to another user, then

also the UID changes, but it is not necessary that the

ID will also change. It depends on your role, which will

allow the ID to either change or not. 


Every process needs a domain to run. A

domain determines the actions, which are allowed by a

process. And when a user ID is added, it defines the

space of operation for you.


A type is assigned to any object and it

determines who gets to access that particular object.

The definition for domain is also somewhat the same, but

the difference is that a domain applies to a process

and, a type applies to objects such as directories and


Role: The role defines the domains, which you can
enter and use, so if a role is not authorized to enter a

domain you won't be able to run the processes in that



The words in bold in the above examples are the ID,
Domain and Role respectively.

However, with SE Linux, even if you 'su' as root, you will still have the

same security context as used when logging into the Telnet session. You will not

be able to access anything you aren't authorized for. This is achieved by

implementing some policies and roles over the standard user-level security of

Linux. Let's see how to install SE Linux and define these roles and policies for


SE Linux is now available for Linux distros, such as Fedora, Gentoo and

Debian. We used Fedora Core 2 since it comes with SE Linux built-in. It's not

too difficult to install FC 2 with SE Linux. Place the first FC 2 CD in the

drive and boot from it. At the Installation Boot prompt, type 'selinux' and

press Enter. This will start the installation with SE Linux. When we did a 'full

installation' of, SE Linux installed without any problems. However, when we did

a 'workstation' install, the SE Linux policy source didn't install. This is very

important for creating your own policies. So, if you do a 'custom' install, then

look for a folder '/etc/security/selinux/src'. If it's not there, then the SE

Linux policy source hasn't been installed. You will then need to install the

'policy-source' rpm from the second FC 2 CD. 


After the installation run the 'id' command from a terminal window. This will

give the following output.


Here, the user ID is 'root', 'sysadm_r' is the role assigned to you and 'sysadm_t'

is the domain on which you will be able to run any process (for these terms read

the box). Depending on your need you can have more than one role and domain

combination. For instance, you can configure a user to be in sysadm_t domain

when logged on locally, but when he logs on over SSH, he will only be able to

get into the user_t domain.


To create new users and policies, create a new user, say 'seuser', who will

be a member of the 'users' group and assign a password to him as: 

#useradd -c “SE Linux user” -m -g users


#passwd user

Now you have to assign a role to this user. For this open the file

called/etc/security/selinux/src/policies/users using a text editor, scroll down

to the bottom and add the following line.


'user seuser roles { user_r };' 

Now the user configurations are set, but the profile is not created. So run 

#make -C/etc/security/selinux/src/ policy



This will compile, create and load your modified policies. To check whether

it's working, re-login as 'seuser' and type 'id' from a terminal window. It

should show something like this:


Now, you have successfully created a new user and assigned it a proper role.

Next month, we will see how you can create you own roles and domains.


Sourced from: PCQuest