在 中文 中使用 Selinux 的示例及其翻译为 英语
{-}
-
Political
-
Ecclesiastic
-
Programming
下一节将探讨SELinux实现,以及如何将安全增强透明地添加到Linux内核中。
如需更多威胁示例以及使用SELinux解决威胁的方法,请参阅用例。
See Use Cases for more examples of threats and ways to address them with SELinux.通过额外的措施例如SELinux可以进一步地防止这些违反行为。
These violations can further be prevented by additional security measures such as SELinux.还有其他一些安全系统通过SELinux框架被启用,例如MLS、MCS以及RBAC。
There are other security systems enabled through the SELinux framework, such as MLS, MCS and RBAC.这三个文件必须被同时使用SELinux工具编译来生成单一的策略文件。
These three files must be compiled together with the SELinux tools to produce a single policy file.安全Linux容器实现指南”(SergeE.Hallyn,developerWorks,2009年):了解如何使用SELinux和Smack增强轻量级容器。
Secure Linux containers cookbook"(Serge E. Hallyn, developerWorks, 2009): Learn how to strengthen lightweight containers with SELinux and Smack.同样美国国家安全局也在安全增强型Android中采用了一些SELinux概念。
Also, 而且,FreeBSD5已经添加了一个灵活的MAC框架(来自TrustedBSD项目),包括一个具有类似SELinux基本功能的模块。
And FreeBSD 5 has added a flexible MAC framework(from the TrustedBSD project), including a module with functionality essentially like SELinux's.如果安全策略为那些全部授与了权限,那么请求就会被SELinux所允许。
If the security policy grants all of those permissions, then the request is allowed by SELinux.SELinux(在大多数实现中为默认)则使用平面文件组合(在编译前由管理员和开发者编写人类可读的策略)和扩展属性完成。
SELinux(by default in most implementations) uses a combination of flat files(used by administrators and developers to write human readable policy before it's compiled) and extended attributes.SELinux已作为Linux安全模块(LSM)框架的一部分实现,该框架可识别各种内核对象以及对这些对象执行的敏感操作。
SELinux has been implemented as part of the Linux Security Module(LSM) framework, which recognizes various kernel objects, and sensitive actions performed on them.命令runcon允许启动进程进入一个显性定义上下文(用户、角色和域)环境中,但如果政策中未允许的话那么SELinux可能会拒绝此请求。
The command runcon allows for the launching of a process into an explicitly specified context(user, role, and domain), but SELinux may deny the transition if it is not approved by the policy.SElinux是一套标签系统。
SElinux is a labeling system.使用布尔设置修改系统SELinux设置。
Use boolean settings to modify system SELinux settings.SELinux主要由美国国家安全局开发。
SELinux SELinux was developed by the United States National Security Agency.编辑/etc/selinux/config并设置SELINUX=disabled:.
Edit the file/etc/selinux/config and make SELinux persistent across reboots.强制执行:SELinux允许基于SELinux策略规则进行访问。
SELinux denies access based on SELinux中的多级安全(Multi-LevelSecurity).
SELinux with multi level security(MLS).SELinux可以在各种模式下实现:.
SELinux can be implemented in varying modes.SELinux主要由美国国家安全局开发。
SELinux was first developed by the U.S. governments National Security Agency.
