Follow Slashdot stories on Twitter


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Submission + - SELinux vs. Solaris Trusted Extensions

An anonymous reader writes: Comparison between the two only Multi-level-security Operating Systems available. xtensions-vs-selinux/
Overview of the Trusted Extensions and RHEL5 LSPP Systems

The Solaris 10 Operating System provides new frameworks for containment (zones), user rights management (roles and authorizations), and process rights management (privileges). The Trusted Extensions software, introduced in the Solaris 10 11/06 OS, extends these frameworks by adding sensitivity labels to provide a mandatory access control (MAC) policy base that implements multilevel security. Since the Trusted Extensions software preserves all the basic Solaris OS functionality, new features added to the Solaris OS are, by definition, compatible with Trusted Extensions.

The Red Hat Enterprise Linux 5 OS includes SELinux, which is a framework for describing a security policy based on security contexts. A security context consists of a user identity, a role, a type, and an optional MLS level or range. The user identity attribute in the security context is independent of the ordinary Linux user identity attributes. The SELinux mandatory access controls remain completely orthogonal to the existing Linux access controls. As a result, a process must pass standard policy controls before anything from the SELinux module applies.

Neither RHEL5 LSPP nor the Solaris 10 11/06 OS enables the use of sensitivity labels by default.

"All my life I wanted to be someone; I guess I should have been more specific." -- Jane Wagner