SELinux Overview and Functionality
16 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the default SELinux policy that protects specific services?

  • Custom Policy
  • Strict Policy
  • Targeted Policy (correct)
  • MLS Policy

    • Which command would you use to check the current SELinux mode?

  • ls -Z
  • semanage
  • setenforce
  • getenforce (correct)

    • Which command can you use to modify SELinux file contexts?

  • semanage (correct)
  • ausearch
  • restorecon
  • getenforce

    • If a web server cannot access a custom directory, what is the first step to troubleshoot the issue?

    <p>Check the logs</p> Signup and view all the answers

    Which of the following statements about SELinux is accurate?

    <p>SELinux functions like guards in a castle.</p> Signup and view all the answers

    What should you do after adjusting a SELinux policy to allow access to a directory?

    <p>Retry and confirm access</p> Signup and view all the answers

    What output can you expect when you run the command getenforce?

    <p>Permissive</p> Signup and view all the answers

    In a high-security environment, which SELinux policy would be most appropriate?

    <p>MLS Policy</p> Signup and view all the answers

    What is the primary function of SELinux in a Linux system?

    <p>Restrict processes based on explicit permissions</p> Signup and view all the answers

    Which mode of SELinux actively blocks actions that are not explicitly allowed?

    <p>Enforcing</p> Signup and view all the answers

    What does the security context in SELinux indicate?

    <p>The user, role, and type associated with a file or process</p> Signup and view all the answers

    How does the Permissive mode of SELinux operate?

    <p>It allows all actions and logs violations</p> Signup and view all the answers

    Which statement best describes the Disabled mode of SELinux?

    <p>Severely compromises system security</p> Signup and view all the answers

    What potential risk does SELinux help mitigate on a Linux server?

    <p>File access by applications without permission</p> Signup and view all the answers

    What role does SELinux play in the context of a compromised application?

    <p>It prevents unauthorized access to critical files</p> Signup and view all the answers

    SELinux policies primarily control which of the following aspects?

    <p>Access levels for processes and users</p> Signup and view all the answers

    Study Notes

    SELinux Overview

    • SELinux (Security-Enhanced Linux) is a Linux kernel security module
    • It's a bouncer at the Linux system, controlling access. Only allowing actions that are explicitly permitted.

    SELinux Purpose

    • Acts as an internal security system for Linux servers, preventing unauthorized access to files & resources.
    • Prevents unauthorized use of system resources by processes.
    • Protects against malicious processes & escalated privileges.
    • Prevents web servers from accessing sensitive system directories.

    SELinux Functionality

    • Uses policies to control what processes can do.
    • Defines who (user/process) can access, what (read, write, execute), and where (files/directories).

    SELinux Modes

    • Enforcing: Active, blocks unauthorized actions.
    • Permissive: Watches but doesn’t block, logs violations for later analysis.
    • Disabled: Insecure, no protection.

    SELinux Contexts

    • Every file, process, and user has a security context (name tag).
    • This context specifies a user, role, type, and security level. Example: httpd_sys_content_t type context for web server content.

    SELinux Policies

    • Targeted Policy: Protects specific services.
    • MLS Policy (Multi-Level Security): High-security environments.

    SELinux Commands

    • getenforce: Checks current SELinux mode.
    • setenforce 0: Sets SELinux to permissive mode.
    • setenforce 1: Sets SELinux to enforcing mode.
    • ls -Z /path/to/file: Lists file contexts.
    • restorecon -v /path/to/file: Restores default file contexts.
    • semanage: Used to manage SELinux policies (e.g., semanage fcontext, restorecon).
    • ausearch -m avc -ts recent or journalctl | grep SELinux: Examining log for SELinux events.

    SELinux Troubleshooting

    • Logs: Examine audit logs (ausearch) or system logs (journalctl).
    • Policies: Adjust or create policies using semanage to allow required access.
    • Restoring Contexts: Using restorecon for default configurations.

    Real-World Analogy

    • SELinux functions like guards inside a castle (Linux system).
    • The firewall is the castle itself, keeping bad guys out (external security).
    • SELinux is the castle workforce, preventing wrong access.

    Important Note

    • Disabling SELinux weakens security, leading to potentially significant risks.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    This quiz covers the principles of SELinux, an essential security feature of Linux systems. Learn about its purpose, functionality, different modes, and how security contexts are implemented to control access to resources effectively. Test your knowledge on how SELinux enhances security for Linux servers.

    More Like This

    Use Quizgecko on...
    Browser
    Open
    Browser
    Browser