* SELinux Coloring book?
@ 2013-11-13 15:10 Daniel J Walsh
  2013-11-13 16:00 ` Paul Howarth
                   ` (2 more replies)
  0 siblings, 3 replies; 13+ messages in thread
From: Daniel J Walsh @ 2013-11-13 15:10 UTC (permalink / raw)
  To: SELinux, Fedora SELinux Users, Community support for Fedora users

New article on opensource.com describing SELinux enforcement in simple terms.
 Check it out.

http://opensource.com/business/13/11/selinux-policy-guide

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.


* Re: SELinux Coloring book?
  2013-11-13 15:10 SELinux Coloring book? Daniel J Walsh
@ 2013-11-13 16:00 ` Paul Howarth
  2013-11-13 16:11   ` Daniel J Walsh
       [not found] ` <CAKuJGC9FTi__fc6+4O9nViDiCnT-+xrsFvR+E4FXAfML8x+QSQ@mail.gmail.com>
       [not found] ` <1bddae0010527398cc85d89bb8f1aad9.squirrel@host290.hostmonster.com>
  2 siblings, 1 reply; 13+ messages in thread
From: Paul Howarth @ 2013-11-13 16:00 UTC (permalink / raw)
  To: SE Linux

On 13/11/13 15:10, Daniel J Walsh wrote:
> New article on opensource.com describing SELinux enforcement in simple terms.
>   Check it out.
>
> http://opensource.com/business/13/11/selinux-policy-guide

SELinux was in RHEL 4, not just since RHEL 6. We still have an EL4 box 
on extended life support here with SELinux enforcing.

# sestatus
SELinux status:		enabled
SELinuxfs mount:	/selinux
Current mode:		enforcing
Mode from config file:	enforcing
Policy version:		18
Policy from config file:targeted

Policy booleans:
allow_syslog_to_console	inactive
allow_ypbind		inactive
dhcpd_disable_trans	inactive
httpd_builtin_scripting	active
httpd_disable_trans	inactive
httpd_enable_cgi	active
httpd_enable_homedirs	active
httpd_ssi_exec		active
httpd_tty_comm		inactive
httpd_unified		active
mysqld_disable_trans	inactive
named_disable_trans	inactive
named_write_master_zonesinactive
nscd_disable_trans	inactive
ntpd_disable_trans	inactive
pegasus_disable_trans	inactive
portmap_disable_trans	inactive
postgresql_disable_transinactive
snmpd_disable_trans	inactive
squid_disable_trans	inactive
syslogd_disable_trans	inactive
use_nfs_home_dirs	inactive
use_samba_home_dirs	inactive
use_syslogng		inactive
winbind_disable_trans	inactive
ypbind_disable_trans	inactive
# cat /etc/redhat-release
Red Hat Enterprise Linux ES release 4 (Nahant Update 9)

Of course, things have changed quite a bit since EL4...

Paul.





* Re: SELinux Coloring book?
  2013-11-13 16:00 ` Paul Howarth
@ 2013-11-13 16:11   ` Daniel J Walsh
  0 siblings, 0 replies; 13+ messages in thread
From: Daniel J Walsh @ 2013-11-13 16:11 UTC (permalink / raw)
  To: Paul Howarth, SE Linux

On 11/13/2013 11:00 AM, Paul Howarth wrote:
> On 13/11/13 15:10, Daniel J Walsh wrote:
>> New article on opensource.com describing SELinux enforcement in simple
>> terms. Check it out.
>> 
>> http://opensource.com/business/13/11/selinux-policy-guide
> 
> SELinux was in RHEL 4, not just since RHEL 6. We still have an EL4 box on 
> extended life support here with SELinux enforcing.

Yes this is a typo and I have asked OpenSource.com to fix it.  People seem to
be reading it closely, since I have heard from lots of people about this.


* Re: SELinux Coloring book?
       [not found] ` <CAKuJGC9FTi__fc6+4O9nViDiCnT-+xrsFvR+E4FXAfML8x+QSQ@mail.gmail.com>
@ 2013-11-13 17:13   ` leo kirotawa
  0 siblings, 0 replies; 13+ messages in thread
From: leo kirotawa @ 2013-11-13 17:13 UTC (permalink / raw)
  To: Lakshmipathi.G
  Cc: Daniel J Walsh, Community support for Fedora users,
	Fedora SELinux Users, SELinux


it is an interesting approach...but why tux(kernel/penguin) has this psycho
face, hehe.


On Wed, Nov 13, 2013 at 3:10 PM, Lakshmipathi.G <lakshmipathi.g@gmail.com> wrote:

>
>
>> http://opensource.com/business/13/11/selinux-policy-guide
>>
>>
> Thanks! It's an interesting approach for SELinux guide/document.
>
> --
> ----
> Cheers,
> Lakshmipathi.G
> FOSS Programmer.
> www.giis.co.in
>
> --
> selinux mailing list
> selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>



-- 
----------------------------------------------
Leônidas S. Barbosa (Kirotawa)


* Re: SELinux Coloring book?
       [not found]     ` <20131113171326.GA13491@wolff.to>
@ 2013-11-13 17:35       ` Dominick Grift
  2013-11-13 18:10         ` Daniel J Walsh
  2013-11-13 18:07       ` Daniel J Walsh
  1 sibling, 1 reply; 13+ messages in thread
From: Dominick Grift @ 2013-11-13 17:35 UTC (permalink / raw)
  To: Bruno Wolff III
  Cc: Tony Scully, Daniel J Walsh, Community support for Fedora users,
	Fedora SELinux Users, SELinux

On Wed, 2013-11-13 at 11:13 -0600, Bruno Wolff III wrote:
> On Wed, Nov 13, 2013 at 17:10:43 +0000,
>    Tony Scully <tonyjscully@gmail.com> wrote:
> >That's excellent!
> 
> The mls case might have been overly simplified. It didn't cover writing, 
> where the dominance goes in the other direction. People might be incorrectly 
> left with the impression the top secret can do everything that secret 
> can do.
> --

I agree with you on the danger of oversimplification in general with
regard to explaining SELinux

This is also why i find it sub-optimal to leave the two other default
security models out of the equation (RBAC/IBAC)

It is mentioned in the article that SELinux complements Linux security,
by briefly touching on IBAC one would clarify at least to some degree
how SELinux associates with Linux security

RBAC by itself is worth mentioning in my view, if only to have touched
on each security attribute in a security context tuple.

The idea of the illustrated article is nice, but the article is not
comprehensive.

Granted, there are constraints. You cannot simply publish a three page
article on a medium like this i suspect





* Re: SELinux Coloring book?
       [not found]     ` <20131113171326.GA13491@wolff.to>
  2013-11-13 17:35       ` Dominick Grift
@ 2013-11-13 18:07       ` Daniel J Walsh
  1 sibling, 0 replies; 13+ messages in thread
From: Daniel J Walsh @ 2013-11-13 18:07 UTC (permalink / raw)
  To: Tony Scully, m.roth, Fedora SELinux Users,
	Community support for Fedora users, SELinux

On 11/13/2013 12:13 PM, Bruno Wolff III wrote:
> On Wed, Nov 13, 2013 at 17:10:43 +0000, Tony Scully <tonyjscully@gmail.com>
> wrote:
>> That's excellent!
> 
> The mls case might have been overly simplified. It didn't cover writing,
> where the dominance goes in the other direction. People might be
> incorrectly left with the impression the top secret can do everything that
> secret can do.

Yes I don't think we need to take the analogy too far...

* Re: SELinux Coloring book?
  2013-11-13 17:35       ` Dominick Grift
@ 2013-11-13 18:10         ` Daniel J Walsh
  2013-11-13 18:37           ` Radzykewycz, T (Radzy)
  0 siblings, 1 reply; 13+ messages in thread
From: Daniel J Walsh @ 2013-11-13 18:10 UTC (permalink / raw)
  To: Dominick Grift, Bruno Wolff III
  Cc: Tony Scully, Community support for Fedora users,
	Fedora SELinux Users, SELinux

On 11/13/2013 12:35 PM, Dominick Grift wrote:
> On Wed, 2013-11-13 at 11:13 -0600, Bruno Wolff III wrote:
>> On Wed, Nov 13, 2013 at 17:10:43 +0000, Tony Scully
>> <tonyjscully@gmail.com> wrote:
>>> That's excellent!
>> 
>> The mls case might have been overly simplified. It didn't cover writing,
>>  where the dominance goes in the other direction. People might be
>> incorrectly left with the impression the top secret can do everything
>> that secret can do. --
> 
> I agree with you on the danger of oversimplification in general with regard
> to explaining SELinux
> 
> This is also why i find it sub-optimal to leave the two other default 
> security models out of the equation (RBAC/IBAC)
> 
> It is mentioned in the article that SELinux complements Linux security, by
> briefly touching on IBAC one would clarify at least to some degree how
> SELinux associates with Linux security
> 
> RBAC by itself is worth mentioning in my view, if only to have touched on
> each security attribute in a security context tuple.
> 
> The idea of the illustrated article is nice, but the article is not 
> comprehensive.
> 
> Granted, there are constraints. You cannot simply publish a three page 
> article on a medium like this i suspect
> 
> 
> 
Maybe a followup that describes RBAC.  Not sure how the analogy would work
though.

Suggestions welcome.

Dog Role, Seeing Eye Dog Role, Rescue Dog Role.

RBAC is always hard to describe especially when you start defining SELinux Users.

Login User -> SELinux User -> roles -> Types.

The Russian dolls model is the best I have come up with.



* RE: SELinux Coloring book?
  2013-11-13 18:10         ` Daniel J Walsh
@ 2013-11-13 18:37           ` Radzykewycz, T (Radzy)
  2013-11-13 19:01             ` Dominick Grift
  0 siblings, 1 reply; 13+ messages in thread
From: Radzykewycz, T (Radzy) @ 2013-11-13 18:37 UTC (permalink / raw)
  To: Daniel J Walsh, Dominick Grift, Bruno Wolff III; +Cc: Tony Scully, SELinux

General question:

Does the "coloring book" really need to cover all aspects of security, and cover them in depth?  If this is a kindergarten grade level introduction, then explaining all the nuances of priority may be too much to ask.  If it is for more experienced audiences, then why does it need to be a coloring book?

See Spot.  See Spot run.  See Spot manage the pack's dominance hierarchy through vociferous displays of aggressive behavior.  Run, Spot, run!



* Re: SELinux Coloring book?
  2013-11-13 18:37           ` Radzykewycz, T (Radzy)
@ 2013-11-13 19:01             ` Dominick Grift
  2013-11-13 19:25               ` Dominick Grift
  0 siblings, 1 reply; 13+ messages in thread
From: Dominick Grift @ 2013-11-13 19:01 UTC (permalink / raw)
  To: Radzykewycz, T (Radzy)
  Cc: Daniel J Walsh, Bruno Wolff III, Tony Scully, SELinux

On Wed, 2013-11-13 at 18:37 +0000, Radzykewycz, T (Radzy) wrote:
> General question:
> 
> Does the "coloring book" really need to cover all aspects of security, and cover them in depth?  If this is a kindergarten grade level introduction, then explaining all the nuances of priority may be too much to ask.  If it is for more experienced audiences, then why does it need to be a coloring book?
> 
> See Spot.  See Spot run.  See Spot manage the pack's dominance hierarchy through vociferous displays of aggressive behavior.  Run, Spot, run!
> 

Yes, good point

But why favor one aspect over another?

Also in SELinux everything is associated one way or another. If you
leave out pieces, then you end up with loose ends. Loose ends can be
confusing

If you're comprehensive, then pieces tend to fall into place

That helps getting the overall big picture





* Re: SELinux Coloring book?
  2013-11-13 19:01             ` Dominick Grift
@ 2013-11-13 19:25               ` Dominick Grift
  2013-11-13 20:58                 ` Radzykewycz, T (Radzy)
  0 siblings, 1 reply; 13+ messages in thread
From: Dominick Grift @ 2013-11-13 19:25 UTC (permalink / raw)
  To: Radzykewycz, T (Radzy)
  Cc: Daniel J Walsh, Bruno Wolff III, Tony Scully, SELinux

On Wed, 2013-11-13 at 20:01 +0100, Dominick Grift wrote:
> On Wed, 2013-11-13 at 18:37 +0000, Radzykewycz, T (Radzy) wrote:
> > General question:
> > 
> > Does the "coloring book" really need to cover all aspects of security, and cover them in depth?  If this is a kindergarten grade level introduction, then explaining all the nuances of priority may be too much to ask.  If it is for more experienced audiences, then why does it need to be a coloring book?
> > 
> > See Spot.  See Spot run.  See Spot manage the pack's dominance hierarchy through vociferous displays of aggressive behavior.  Run, Spot, run!
> > 
> 
> Yes, good point
> 
> But why favor one aspect over another?
> 
> Also in SELinux everything is associated one way or another. If you
> leave out pieces, then you end up with loose ends. Loose ends can be
> confusing
> 
> If you're comprehensive, then pieces tend to fall into place
> 
> That helps getting the overall big picture
> 

What i am suggesting here is that sometimes, what seems like a longer
route initially, may end up being the shortest route after all in my
view

I sincerely think that it is better to be comprehensive, than to cherry
pick some aspects if your aim is to provide the audience with the big
picture

Plus, i think dominance hierarchy, and "no read up/no write down" can
also be explained through simple illustrations
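
[Added illustration, not part of the thread or of the article it discusses: the "no read up/no write down" point above, and the earlier remark that dominance runs the other way for writing, worked through as textbook Bell-LaPadula checks over SELinux-style MLS level strings. The labels are constructed and the mapping of "secret" to s2 and "top secret" to s3 is an assumption; on a real system the loaded policy's MLS constraints decide and may be stricter.]

```python
"""Bell-LaPadula checks over SELinux-style MLS levels (added illustration)."""
import re
from typing import Dict, FrozenSet, Iterable, NamedTuple, Tuple


class Level(NamedTuple):
    sensitivity: int             # the N in "sN"
    categories: FrozenSet[int]   # every M named by the "cM" part


_LEVEL_RE = re.compile(r"^s(\d+)(?::(.+))?$")
_CATEGORY_RE = re.compile(r"^c(\d+)(?:\.c(\d+))?$")


def parse_level(text: str) -> Level:
    """Parse 's2', 's2:c1,c4' or 's2:c0.c3' (a dot is an inclusive range)."""
    match = _LEVEL_RE.match(text.strip())
    if not match:
        raise ValueError(f"not an MLS level: {text!r}")
    categories = set()
    if match.group(2):
        for part in match.group(2).split(","):
            cat = _CATEGORY_RE.match(part)
            if not cat:
                raise ValueError(f"bad category {part!r} in {text!r}")
            low = int(cat.group(1))
            high = int(cat.group(2) or cat.group(1))
            if high < low:
                raise ValueError(f"reversed range {part!r} in {text!r}")
            categories.update(range(low, high + 1))
    return Level(int(match.group(1)), frozenset(categories))


def dominates(a: Level, b: Level) -> bool:
    """a dominates b: sensitivity at least as high AND a superset of categories."""
    return a.sensitivity >= b.sensitivity and a.categories >= b.categories


def may_read(subject: str, obj: str) -> bool:
    """No read up: the subject's level must dominate the object's."""
    return dominates(parse_level(subject), parse_level(obj))


def may_write(subject: str, obj: str) -> bool:
    """No write down: the object's level must dominate the subject's."""
    return dominates(parse_level(obj), parse_level(subject))


def access_matrix(subjects: Iterable[str],
                  objects: Iterable[str]) -> Dict[Tuple[str, str], str]:
    """Map (subject, object) to 'rw', 'r-', '-w' or '--'."""
    objects = list(objects)
    return {
        (s, o): ("r" if may_read(s, o) else "-") + ("w" if may_write(s, o) else "-")
        for s in subjects
        for o in objects
    }


# Constructed labels (assumption: secret = s2, top secret = s3).
SECRET = "s2:c0.c3"
TOP_SECRET = "s3:c0.c3"
OTHER_COMPARTMENT = "s3:c5"   # high sensitivity, but a disjoint category set

if __name__ == "__main__":
    subjects = [SECRET, TOP_SECRET, OTHER_COMPARTMENT]
    for (subj, obj), perms in access_matrix(subjects, [SECRET, TOP_SECRET]).items():
        print(f"{subj:>10} -> {obj:<10} {perms}")
```

The top-secret subject can read the secret object but cannot write to it, and a subject whose categories do not cover the object's gets neither, however high its sensitivity.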






* RE: SELinux Coloring book?
  2013-11-13 19:25               ` Dominick Grift
@ 2013-11-13 20:58                 ` Radzykewycz, T (Radzy)
  2013-11-14  1:48                   ` Casey Schaufler
  2013-11-14 11:55                   ` Dominick Grift
  0 siblings, 2 replies; 13+ messages in thread
From: Radzykewycz, T (Radzy) @ 2013-11-13 20:58 UTC (permalink / raw)
  To: Dominick Grift
  Cc: Daniel J Walsh, Bruno Wolff III, Tony Scully, SELinux,
	Radzykewycz, T (Radzy)

Yes, I don't disagree with anything you've said.

My point is that this is supposed to be simple and easy-to-understand.  It's intended (I think) to address the complaint that many people have, that SE Linux is too complex, which I'm sure you've all heard.

If it gets too complex, then people will stop reading, and just continue with their current pre-conception that it's "too hard."  If that happens, then the effort to put it together is wasted.  I don't want that.  I would prefer if this allows people to get past their "too hard" ideas.  And all complexity that is added makes that more probable.  Even the goal of addressing the big picture, at all, makes it more complex.

If a kid is learning "see spot" then the idea of a pack dominance hierarchy is advanced material, as is mention of displays of aggressive behavior.  To say nothing of the mere word "vociferous."  The pack dominance hierarchy and descriptions of behavior are necessary for the big picture, but they aren't basic introductory material.

I don't think there isn't room for improvement.  I just hope that trying for the big picture confuses more people than it needs to, especially since too many people already think it's too complex.

I also think that it's pretty good, as it is right now, for what it is trying to do.  So: kudos to the authors!  :)



* Re: SELinux Coloring book?
  2013-11-13 20:58                 ` Radzykewycz, T (Radzy)
@ 2013-11-14  1:48                   ` Casey Schaufler
  2013-11-14 11:55                   ` Dominick Grift
  1 sibling, 0 replies; 13+ messages in thread
From: Casey Schaufler @ 2013-11-14  1:48 UTC (permalink / raw)
  To: Radzykewycz, T (Radzy), Dominick Grift
  Cc: Daniel J Walsh, Bruno Wolff III, Tony Scully, SELinux

On 11/13/2013 12:58 PM, Radzykewycz, T (Radzy) wrote:
> Yes, I don't disagree with anything you've said.
>
> My point is that this is supposed to be simple and easy-to-understand.  It's intended (I think) to address the complaint that many people have, that SE Linux is too complex, which I'm sure you've all heard.

The coloring book is cute. Good job, well done.

> If it gets too complex, then people will stop reading, and just continue with their current pre-conception that it's "too hard."  If that happens, then the effort to put it together is wasted.  I don't want that.  I would prefer if this allows people to get past their "too hard" ideas.  And all complexity that is added makes that more probable.  Even the goal of addressing the big picture, at all, makes it more complex.

Well, there is that.


> If a kid is learning "see spot" then the idea of a pack dominance hierarchy is advanced material, as is mention of displays of aggressive behavior.  To say nothing of the mere word "vociferous."  The pack dominance hierarchy and descriptions of behavior are necessary for the big picture, but they aren't basic introductory material.
>
> I don't think there isn't room for improvement.  I just hope that trying for the big picture confuses more people than it needs to, especially since too many people already think it's too complex.
>
> I also think that it's pretty good, as it is right now, for what it is trying to do.  So: kudos to the authors!  :)
>
>

* Re: SELinux Coloring book?
  2013-11-13 20:58                 ` Radzykewycz, T (Radzy)
  2013-11-14  1:48                   ` Casey Schaufler
@ 2013-11-14 11:55                   ` Dominick Grift
  1 sibling, 0 replies; 13+ messages in thread
From: Dominick Grift @ 2013-11-14 11:55 UTC (permalink / raw)
  To: Radzykewycz, T (Radzy)
  Cc: Daniel J Walsh, Bruno Wolff III, Tony Scully, SELinux

On Wed, 2013-11-13 at 20:58 +0000, Radzykewycz, T (Radzy) wrote:
> Yes, I don't disagree with anything you've said.
> 
> My point is that this is supposed to be simple and easy-to-understand.  It's intended (I think) to address the complaint that many people have, that SE Linux is too complex, which I'm sure you've all heard.
> 
> If it gets too complex, then people will stop reading, and just continue with their current pre-conception that it's "too hard."  If that happens, then the effort to put it together is wasted.  I don't want that.  I would prefer if this allows people to get past their "too hard" ideas.  And all complexity that is added makes that more probable.  Even the goal of addressing the big picture, at all, makes it more complex.
> 
> If a kid is learning "see spot" then the idea of a pack dominance hierarchy is advanced material, as is mention of displays of aggressive behavior.  To say nothing of the mere word "vociferous."  The pack dominance hierarchy and descriptions of behavior are necessary for the big picture, but they aren't basic introductory material.
> 
> I don't think there isn't room for improvement.  I just hope that trying for the big picture confuses more people than it needs to, especially since too many people already think it's too complex.
> 
> I also think that it's pretty good, as it is right now, for what it is trying to do.  So: kudos to the authors!  :)
> 

Sure i like the article as well, and i also think there is room for
improvement.

The article's title is one of those areas. It was the main reason for my
reply. I do not believe that the title reflects the contents accurately.

If the title would be something like ...

"Your visual teaser for SELinux policy enforcement"

... Then in my mind there would be no doubt that the article achieved
its goal.

