WEBVTT

00:01.890 --> 00:08.580
In this chapter you're going to be talking about security enhanced Linux SC.

00:08.580 --> 00:13.670
Linux is essentially a labelling system.

00:13.920 --> 00:21.950
If you remember nothing else all you want you to always remember that SCA Linux is about the labels.

00:22.050 --> 00:25.260
So what exactly does this mean.

00:25.260 --> 00:34.830
Well it simply means that everything on the system gets a label files directories use as processes pipes

00:34.890 --> 00:38.450
sockets everything after that.

00:38.450 --> 00:42.310
Well then go ahead and give SCA Linux a policy.

00:42.540 --> 00:50.880
It's this combination of labels and policies that SC Linux uses to make access control decisions.

00:50.880 --> 01:00.120
For example if you think of me as a person labelled as a man this means if I go into any public buildings

01:01.070 --> 01:10.140
I'm only allowed to access the men's room because the policy is to allow men into the men's room and

01:10.140 --> 01:13.230
we men into the women's toilet.

01:13.230 --> 01:17.000
This is basically how I see Linux operates.

01:17.520 --> 01:26.370
All objects on the system get labelled with a C Linux attributes and then policies control how objects

01:26.370 --> 01:31.570
are able to access resources based on the labels.

01:31.680 --> 01:38.490
Once again astutely Knox is all about levels which levels are then used by the kernel to make access

01:38.490 --> 01:39.870
control decisions.