
The Simplified Mandatory Access Control Kernel


Smack stands for "Simplified Mandatory Access Control Kernel". Simplified is the first part of the name because it is much less complicated than the other leading brand. Mandatory Access Control comes next because the system implements a full label-based access control scheme. The name ends with Kernel to emphasize that the mechanism is kernel-based and does not require extensive external assistance.

This talk will include a very brief description of mandatory access control (MAC) concepts, principles, and jargon. There will be mention of how other systems have implemented MAC and some of the advantages and shortcomings of those systems. Some of the common uses to which MAC systems have been put will be presented.

An overview of Smack, the facilities it provides, and the mechanisms it uses comes next. This will include an introduction to the access rules scheme and examples of how it can be used to provide multi-level secure, Biba integrity, and a collection of other useful security models.

Details of the implementation of Smack will be covered. The labeling scheme for processes and files will be outlined. File system defaults and mount options as well as solutions to the "/tmp" and "/dev/null" problems are addressed. The Smack networking model and how it leverages the existing netlabel interfaces will be explained. This section concludes with a short commentary on Linux Security Modules (LSM) and the value it has provided to the project.

The programming and administrative interfaces provided by the smackfs pseudo-filesystem are described along with their intended use. The mechanisms and constraints for changing MAC attributes on processes, files, and network connections are explained.

This presentation is targeted to applications programmers who might want to write programs for a MAC system, kernel developers who are considering their own LSM based projects, and anyone who wants stronger Linux security.

Project: Smack 


Casey Schaufler

Casey Schaufler founded the Smack project in 2006 after an especially heated debate with the SELinux developers on a topic now long forgotten. He has been developing secure operating systems since the late 1980's, starting the system that became Trusted Solaris and architecting Trusted Irix. He was the technical editor for the influential POSIX P1003.1e/2c security draft standard and worked as a member of the Trusted Systems Interoperability Group (TSIG), the source of the CIPSO IP protocol option. His development group proposed the initial LSM implementation.


© 2007 MEL8OURNE LCA2008 and Linux Australia | Linux is a registered trademark of Linus Torvalds