Rozšíření nástroje audit2allow pro poskytování více omezujících řešení

The thesis analyzes the role of the audit2allow utility in troubleshooting Security-Enhanced Linux denials and proposes extensions that will provide more restrictive and more secure solutions to the user. Basic concepts of SELinux and SELinux security policy are explained. Situations when audit2allow provides ineffective and insecure solutions are analyzed. Support for generating extended permission access vector rules was implemented. Basic support for checking security labels of files was implemented. Implementation details and testing of both extensions to the audit2allow utility are described.

University

Faculty of Information Technology

Date of Completion

2017

Resources

Leader

Smrčka Aleš

Consultant

Malík Miloš

Student

Žárský Jan