| 摘要 |
A Security Enhanced Linux (SELinux) system implementing extended policy models and method for their enforcement, is provided. Extended attributes are defined to specify extended policies. The SELinux policy model is extended to include the extended policies. The extended policies are enforced in addition to SELinux Type Enforcement. In one implementation, defining extended attributes involves defining TC-related attributes to specify TC-related policies. Further, extending the SELinux policy model includes extending the SELinux policy model to include the TC-related policies, in addition to SELinux Type Enforcement. Furthermore, enforcing the extended policies includes enforcing the TC-related policies in addition to SELinux Type Enforcement.
|
