In lecture, we have been talking about mandatory access control policies that can be used for many scenarios. In this lab, we will look at some actual implementations of mandatory access control in modern operating systems.
SELinux started as an NSA project to add mandatory access control to Linux. It is now a community project and features have been implemented in the 2.6 kernel line. It is based on the multilevel security concept. Read through the article Configuring the SELinux Policy and summarize the types of mandatory access control policies SELinux supports.
Trusted Solaris is an extension to Solaris to support mandatory access control. It is getting rather dated (being based on Solaris 8), so there is also the OpenSolaris Trusted Extensions project to bring the same concepts to Solaris 10. Read the article An Architectural Overview of Solaris Trusted Extensions and summarize the types of mandatory access control policies that it supports.
TrustedBSD adds mandatory access control to the BSD kernel (also used by Mac OS X as part of the SEDarwin project). Read through the Components items (left menu of the website) and summarize what types of mandatory access control policies this supports.
Email me all three summaries as your write-up for this lab.
If you are interested in trying one of these projects, you will need a CD or ISO for installation. Create a copy of your Slackware Linux virtual machine and rename the files to an appropriate name. When the machine is booting up, tell it to boot off the CD instead of off the drive (if using an ISO, you will first have to map the ISO to the CD device by right-clicking the CD icon in the VMWare player menu bar and following the instructions). Then install as specified by the project documentation. You do not need to install one of these operating systems to receive the lab points.