Security-Enhanced Linux - Features

Features

  • Clean separation of policy from enforcement
  • Well-defined policy interfaces
  • Support for applications querying the policy and enforcing access control (for example, crond running jobs in the correct context)
  • Independent of specific policies and policy languages
  • Independent of specific security label formats and contents
  • Individual labels and controls for kernel objects and services
  • Support for policy changes
  • Separate measures for protecting system integrity (domain-type) and data confidentiality (multilevel security)
  • Flexible policy
  • Controls over process initialization and inheritance and program execution
  • Controls over file systems, directories, files, and open file descriptors
  • Controls over sockets, messages, and network interfaces
  • Controls over use of "capabilities"
  • Cached information on access-decisions via the AVC (Access Vector Cache)

Read more about this topic:  Security-Enhanced Linux

Famous quotes containing the word features:

    All visible objects, man, are but as pasteboard masks. But in each event—in the living act, the undoubted deed—there, some unknown but still reasoning thing puts forth the mouldings of its features from behind the unreasoning mask. If man will strike, strike through the mask!
    Herman Melville (1819–1891)

    However much we may differ in the choice of the measures which should guide the administration of the government, there can be but little doubt in the minds of those who are really friendly to the republican features of our system that one of its most important securities consists in the separation of the legislative and executive powers at the same time that each is acknowledged to be supreme, in the will of the people constitutionally expressed.
    Andrew Jackson (1767–1845)

    “It looks as if
    Some pallid thing had squashed its features flat
    And its eyes shut with overeagerness
    To see what people found so interesting
    In one another, and had gone to sleep
    Of its own stupid lack of understanding,
    Or broken its white neck of mushroom stuff
    Short off, and died against the windowpane.”
    Robert Frost (1874–1963)