Authors: Casey Schaufler
2022-09-16

The Simplified Mandatory Access Control Kernel (Smack) Linux security module was introduced in 2008 and is currently used in millions of devices. Unlike SELinux and AppArmor, Smack has never been supported by a major Linux distribution. The greatest barriers to distribution support have been that only one "major" security module can be used at a time and that there has been no example of a Smack rule set to use as a basis for a distribution's policy. In this talk, Casey Schaufler, the author of Smack, will describe a new effort to create a reference set of Smack rules and apply it to a major Linux distribution. The talk starts with a description of how Smack rules work and how they differ from SELinux and AppArmor policy. It moves on to cover the threats being addressed and how a "three domain" approach provides the required protection. It then reveals how the target distribution was chosen and what steps are taken to keep the scheme flexible enough to be useful elsewhere. The current state of the effort and the identified challenges are presented. Finally, there will be an invitation for additional participation in the project.