Mandatory Access Control Mechanism of Executable Program under LSM

LIU Wei-peng,HU Jun,LV Hui-jun,LIU Yi
DOI: https://doi.org/10.3969/j.issn.1000-3428.2008.07.056
2008-01-01
Abstract:This paper analyses the main design idea of Linux Security Module(LSM) and the problem of the intrinsic access control mechanism of Linux executable program, and discusses the design of Mandatory Access Control(MAC) mechanism of executable program based on LSM. As the demonstration, it implements a MAC system prototype based on Linux kernel 2.6.11. The illumination that how to implement MAC of executable program in operating system is given.
What problem does this paper attempt to address?