Next:
Introduction
Up:
final
Previous:
LinSec Mandatory Security Policy
Contents
Implementation
Subsections
Introduction
Chapter Contents
Prerequisites
Implementation Overview
General Information
Implementation approach
Linux Kernel Subsystems Affected
Chapter Layout
Linux Kernel Analysis
LinSec Configuration Data
LinSec Configuration Process
LinSec Data Structures
SMP Issues
LinSec Lifetime
LinSec Capability Model
Linux Legacy
Overview
Capability Representation
Supporting Functions
The Task Structure
User Capabilities
Inheritance Algorithm
Hardcoded Mechanisms
Executable File Capabilities
User Capabilities
Capability Inheritance Algorithm
Linux Process Ownership Model Problem
User Capability Revocation
Process Information Hiding
LinSec Filesystem Access Domains
Executable File Access Domains
Access Domain Representation
Access Domain Inheritance
User Access Domain Revocation
Access Domain Access Control
LinSec Socket Access Control
Socket Access Control Information Storage
Socket Access Control Algorithm
LinSec IP Labeling
IP Labeling Information Storage
IP Labeling Access Control Algorithm
Exec and Setuid
Userspace Administrative Tools
Summary
