Security changes in the 2.6.28 kernel
Version 2.6.28 of the Linux kernel was released during Christmas, so I
thought it'd be worthwhile waiting until after typical vacation days to
post a summary of changes to the security subsystem. As always, thanks
to the Kernel Newbies folk who track major kernel changes.
Dummy SELinux policy support
Serge Hallyn added a dummy policy for SELinux to the kernel tree. This
is useful for testing SELinux and as a base for building minimal and
experimental security policies.
Bounded per-thread security contexts for SELinux
KaiGai Kohei submitted a patch which allows different threads in a
process to be labeled with distinct security contexts. Such threads are
guaranteed to not exceed the security policy permissions of the parent
process. This is part of his work in extending SELinux to the web
application stack, and in this case, is aimed at constraining
in-process web server scripts (e.g. mod_python applications).
Labeled networking updates
Paul Moore provided a series of updates to the Labeled networking
subsystem, which he promises to document on his blog.
MAC policy for privilege in Smack
Casey Schaufler extended Smack so that MAC policy may be used to limit
the use of privilege. Previously, the Smack model maintained strict
orthogonality between privilege and access control, where privileged
processes were exempted from MAC policy enforcement. This feature
allows for MAC policy enforcement of processes running with a specific
security label (as written to /smack/onlycap), or for all processes if
the onlycap label is specified as '*'.