by Toshaan Bharvani (@toshywoshy) on Tuesday, 28 February 2017

+2
Vote on this proposal
Status: Confirmed & Scheduled
View session in schedule
Section
Full talk of 40 mins duration

Technical level
Intermediate

Abstract

Security Enhanced Linux, is still disabled in many cases due to fact that most people do not take the time to understand how to work with SELinux. While in it’s current state SELinux has become very easy to manage and increases security on the overall system and most applications. The segregation of compartments increases the overall security impact and changes the way we can secure a system. In current versions of Enterprise Linux most common applications are predefined in SELinux policies and can be adjusted, by using the right booleans, however other applications can be added easily with the integrated tools, allowing you to run any custom application with SELinux enabled for that application. The presentation explains what SELinux is, how it works, and some practical
use cases. It will briefly show how to implement the predefined policies and how to generate custom policies.

Outline

  • Explain traditional Linux permissions
  • Explain SELinux Manditory Access Control system
  • Explain the mechanisms SELinux uses
  • Short examples on the common problems encountered when using SELinux
  • How to understand SELinux problems
  • How to solve the most common SELinux problems using booleans
  • How to generate SELinux custom policies

Requirements

Basic Linux knowledge

Speaker bio

Toshaan Bharvani is a IT consultant, currently self-employed at VanTosh,
with a interest in Open Source Software and IT Hardware. He started his
IT interest at the age of 5, when his father gave him his first own PC
components. Ever since he has been interested in IT hardware and IT
software. In business, he tends to combine higher level applications
with lower level systems. Toshaan has been involved for some time now in
some open source projects and communities.

Comments

  • 2
    [-] Zainab Bawa (@zainabbawa) Reviewer 6 months ago

    Is this a proposal for a tutorial, or will you explain SELinux scenarios?

  • 1
    [-] Zainab Bawa (@zainabbawa) Reviewer 6 months ago

    Toshan, please share link to draft slides and preview video explaining what this talk is about, and why should the audience attend it.

  • 1
    [-] Toshaan Bharvani (@toshywoshy) Proposer 6 months ago

    Zainab,

    1) I have given a tutorial on SELinux, but I was thinking of only given a presentation, as I do not know if there is an interest for a full tutorial.
    The presentation goes over the basic Linux security from discrete to MAC and further in details on common SELinux problems, how to use the builtin tools, or even create simple policies.

    2) The slides are based upon my previous presentations, I will be updating again.
    http://www.toshaan.com/slides/centosdojobrussels2014-introduction-to-selinux.pdf

Login with Twitter or Google to leave a comment