Update Multi Category Security (MCS)

2025-03-04 08:24:42 +01:00 · 2020-12-30 05:37:30 +00:00 · 2020-12-30 05:37:30 +00:00 · c44389ad82
commit c44389ad82
parent 51ad5c45fe
1 changed files with 8 additions and 0 deletions
--- a/Multi-Category-Security-(MCS).md
+++ b/Multi-Category-Security-(MCS).md
@ -8,6 +8,14 @@

 need to define user/grouping/roles to user ids. Map as variables (possibly auto generated from custom file format).

+- user and session info loaded by pam_apparmor
+- what of parser? pam_apparmor is only good for logins that go through the pam stack
+
+apparmor uses profiles, variables, and stacking and delegation to achieve what selinux uses selinux users, MLS, MCS and roles.
+
+eg. for the selinux context ```user_u:object_r:tmp_t:Moonbase_Plans``` an equivalent apparmor label might be ```(user_u//&object_r//&tmp_t//)+Moonbase_plans``` or some such with each part of the text label being its own rule set.
+
+
 # Introduction