Useful Links
Computer Science
Operating Systems
Linux
Linux Security
1. Introduction to Linux Security
2. User and Group Management
3. Filesystem and Data Security
4. Mandatory Access Control (MAC) Frameworks
5. Network Security
6. System Auditing, Logging, and Monitoring
7. System Hardening
8. Advanced Security Topics
Mandatory Access Control (MAC) Frameworks
SELinux (Security-Enhanced Linux)
Core Concepts
Subjects and Objects
Security Contexts
Type Enforcement
Multi-Level Security
Multi-Category Security
Security Context Components
User Component
Role Component
Type Component
Level Component
Policy Types
Targeted Policy
MLS Policy
Minimum Policy
Custom Policies
SELinux Modes
Enforcing Mode
Permissive Mode
Disabled Mode
Mode Transitions
Context Management
Viewing Contexts
Changing Contexts
Restoring Contexts
Context Inheritance
Boolean Management
SELinux Booleans
Viewing Booleans
Setting Booleans
Persistent Changes
Policy Management
Policy Modules
Loading Policies
Policy Compilation
Custom Policy Development
Troubleshooting SELinux
Audit Log Analysis
ausearch Usage
sealert Usage
Common Denial Resolution
Performance Impact
AppArmor
Core Concepts
Profiles
Path-based Access Control
Capabilities
Network Access Control
Profile Types
Enforce Mode
Complain Mode
Unconfined Mode
Profile Management
Profile Status
Mode Changes
Profile Loading
Profile Unloading
Profile Development
aa-genprof Usage
aa-logprof Usage
Manual Profile Creation
Profile Testing
AppArmor Tools
aa-status Command
aa-enforce Command
aa-complain Command
aa-disable Command
Comparison of MAC Systems
SELinux vs AppArmor
Performance Considerations
Ease of Management
Policy Flexibility
Previous
3. Filesystem and Data Security
Go to top
Next
5. Network Security