Some background info...NSA's SELINUX FAQhttp://www.nsa.gov/selinux/info/faq.cfm
The security idea it's based around is mandatory access control - type enforcement. Anyone able to explain this?http://en.wikipedia.org/wiki/Type_enforcement
The way this stuff is written, what I get out of it is that is it creates different security levels and users are assigned to one of these 'types' on the fly depending on how the system configuration is set up. Naturally, the NSA doesn't say that they've assigned themselves root access, so someone would have to decompile and read the source to find out for sure if there's anything funny going on. Maybe PP IT could jump in here with a word?
Mandatory Access Controlhttp://en.wikipedia.org/wiki/Mandatory_access_control
In computer security, mandatory access control (MAC) refers to a type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target. In practice, a subject is usually a process or thread; objects are constructs such as files, directories, TCP/UDP ports, shared memory segments, etc. Subjects and objects each have a set of security attributes. Whenever a subject attempts to access an object, an authorization rule enforced by the operating system kernel examines these security attributes and decides whether the access can take place. Any operation by any subject on any object will be tested against the set of authorization rules (aka policy) to determine if the operation is allowed.
With mandatory access control, this security policy is centrally controlled by a security policy administrator; users do not have the ability to override the policy and, for example, grant access to files that would otherwise be restricted. By contrast, discretionary access control (DAC), which also governs the ability of subjects to access objects, allows users the ability to make policy decisions and/or assign security attributes. (The traditional Unix system of users, groups, and rwx permissions is an example of DAC.) MAC-enabled systems allow policy administrators to implement organization-wide security policies. Unlike with DAC, users cannot override or modify this policy, either accidentally or intentionally. This allows security administrators to define a central policy that is guaranteed (in principle) to be enforced for all users.
Historically and traditionally, MAC has been closely associated with multi-level secure (MLS) systems. The Trusted Computer System Evaluation Criteria, the seminal work on the subject which is often referred to as the "Orange Book", defines MAC as "a means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (i.e., clearance) of subjects to access information of such sensitivity". Early implementations of MAC such as HPUX BLS, Harris CS/SX, and SGI Trusted IRIX were all focused on MLS.
More recently, with the advent of implementations such as SELinux (incorporated into Linux kernels after 2.6)
, MAC has started to become more mainstream and is evolving out of the MLS niche. These more recent MAC implementations have recognized that the narrow Orange Book definition, focused as it was on MLS, is not sufficient for general use. These implementations provide more depth and flexibility than earlier MLS-focused implementations, allowing (for example) administrators to focus on issues such as network attacks and malware without the rigor or constraints of MLS systems.