In recent years with the advancement of technology people's lives are full of technology products Thus the number of security issues become more including data breach ransomware zombie computer etc Usually we can regularly update the software to patch vulnerabilities as precautions for attacks But if unfortunately the system is attacked we will want to minimize the loss An attack represents a malicious object intrudes system If we can limit it the damage it caused would be less In the process of invading the system it might touch the access control mechanism Therefore if the system has strong access control we could expect it would effectively make the damage less In this thesis we customize the SELinux policy based on some scenarios There are four policy modules One is used to reduce the possibility of the process being terminated by a hacker another is used to give a user network rights and the other is used to give the user permission to use sudo command Besides we configure SELinux Boolean for ordinary usage and server usage of a computer
Hardening OS Security with Customized Policy in SELinux
俊亦, 盧. (Author). 2019
Student thesis: Doctoral Thesis