Smack

E724149

Linux security module mandatory access control system

Smack (Simplified Mandatory Access Control Kernel) is a Linux kernel security module that implements a simple mandatory access control system to confine processes and protect data.

Try in SPARQL Jump to: Surface forms Statements Referenced by

Observed surface forms (1)

Surface form	Occurrences
SMACK	1

Statements (48)

Predicate	Object
instanceOf	Linux security module ⓘ mandatory access control system ⓘ
abbreviation	Smack ⓘ
accessControlGranularity	subject and object labels ⓘ
accessDecisionBasis	label rules ⓘ
category	Linux kernel security ⓘ computer security software ⓘ
comparedWith	AppArmor NERFINISHED ⓘ SELinux NERFINISHED ⓘ
configurationInterface	/etc/smack/accesses policy files ⓘ file system extended attributes ⓘ kernel configuration options ⓘ
designedBy	Casey Schaufler NERFINISHED ⓘ
designedFor	low administrative overhead ⓘ simplicity of configuration ⓘ
designGoal	easier policy management than SELinux ⓘ smaller policy set than SELinux ⓘ
documentation	Linux kernel Documentation/security/Smack.txt ⓘ
enforcementLocation	Linux kernel NERFINISHED ⓘ
fullName	Simplified Mandatory Access Control Kernel NERFINISHED ⓘ
implements	label-based access control ⓘ
introducedIn	Linux kernel 2.6 series NERFINISHED ⓘ
kernelComponent	Linux kernel NERFINISHED ⓘ
license	GNU General Public License ⓘ
mainlineStatus	merged into mainline Linux kernel ⓘ
operatingSystem	Linux ⓘ
partOf	Linux Security Modules framework NERFINISHED ⓘ
policyType	discretionary label rules defined by administrator ⓘ
purpose	confining processes ⓘ protecting data ⓘ
securityModel	mandatory access control ⓘ
securityProperty	confinement of processes ⓘ data isolation ⓘ policy-based access control ⓘ
supports	IPv4 network labeling ⓘ IPv6 network labeling ⓘ NFS with Smack labels ⓘ access control for IPC mechanisms ⓘ access control for files ⓘ access control for sockets ⓘ file system object labeling ⓘ inter-process communication control ⓘ network access control ⓘ network packet labeling ⓘ process labeling ⓘ
useCase	appliance-like systems ⓘ embedded systems ⓘ systems requiring simple MAC policies ⓘ

Referenced by (2)

Full triples — surface form annotated when it differs from this entity's canonical label.

Linux Security Modules API → usedBy → Smack ⓘ

Linux kernel hardening → usesMechanism → Smack ⓘ

this entity surface form: SMACK