Comparative study of operating system security using SELinux and Systrace

This thesis makes a comparative study of the security systemsSystrace (used primarily with OpenBSD) and SELinux (usedexclusively with Linux), trying to answer the question as to whichtype of security is offered by each respective system, and wheneach should be used. The key difference between SELinu...

Full description

Bibliographic Details
Main Author: Öberg, Jonas
Format: Others
Language:English
Published: Högskolan i Kalmar, Institutionen för kommunikation och design 2009
Subjects:
Online Access:http://urn.kb.se/resolve?urn=urn:nbn:se:hik:diva-2015
Description
Summary:This thesis makes a comparative study of the security systemsSystrace (used primarily with OpenBSD) and SELinux (usedexclusively with Linux), trying to answer the question as to whichtype of security is offered by each respective system, and wheneach should be used. The key difference between SELinux andSystrace seems to be their mode of operation, where SELinux,built around the LSM framework in the Linux kernel, works withtype enforcement on files, sockets and other objects, whereasSystrace works on a strict system call basis. The two systems areseen to serve two different purposes which sometimes overlap,but in just as many cases provide solutions for entirely differentquality priorities.