From 9fbb4b47692f39b1090a5fb666454df996075f2c Mon Sep 17 00:00:00 2001 From: "YiLin.Li" Date: Tue, 28 Jun 2022 10:02:47 +0800 Subject: [PATCH 1/2] benchmarks/mandatory-access-control: fix the pdf format error Fixes: #I5ECH2 We need to add an empty line between the chapter title and the body to fix the pdf format error. Signed-off-by: YiLin.Li --- .../5.2-ensure-SELInux-policy-is-configured.md | 1 + .../5.6-use-selinux-for-separation-of-powers-user-created.md | 1 + ...powers-system-administrator-login-permission-configuration.md | 1 + 3 files changed, 3 insertions(+) diff --git a/benchmarks/mandatory-access-control/5.2-ensure-SELInux-policy-is-configured.md b/benchmarks/mandatory-access-control/5.2-ensure-SELInux-policy-is-configured.md index ea1d651..3e6c8c9 100644 --- a/benchmarks/mandatory-access-control/5.2-ensure-SELInux-policy-is-configured.md +++ b/benchmarks/mandatory-access-control/5.2-ensure-SELInux-policy-is-configured.md @@ -22,6 +22,7 @@ SELINUXTYPE=mls ``` 如果您需要限制较少的策略,可在 /etc/selinux/config 文件中设置它们 + ## 扫描检测 1. 使用以下命令查看SELinux使用的默认策略: diff --git a/benchmarks/mandatory-access-control/5.6-use-selinux-for-separation-of-powers-user-created.md b/benchmarks/mandatory-access-control/5.6-use-selinux-for-separation-of-powers-user-created.md index 24bdaa2..2d307de 100644 --- a/benchmarks/mandatory-access-control/5.6-use-selinux-for-separation-of-powers-user-created.md +++ b/benchmarks/mandatory-access-control/5.6-use-selinux-for-separation-of-powers-user-created.md @@ -2,6 +2,7 @@ ## 安全等级 - Level 3 + ## 描述 > * 当前,Linux操作系统已广泛应用于各种设备和产品中,如服务器、PC机、机顶盒及路由器等。随着Linux系统的不断发展和广泛应用,Linux系统的安全问题也引起越来越多的关注。 diff --git a/benchmarks/mandatory-access-control/5.7-use-selinux-for-separation-of-powers-system-administrator-login-permission-configuration.md b/benchmarks/mandatory-access-control/5.7-use-selinux-for-separation-of-powers-system-administrator-login-permission-configuration.md index 133eea8..4fd9dc0 100644 --- a/benchmarks/mandatory-access-control/5.7-use-selinux-for-separation-of-powers-system-administrator-login-permission-configuration.md +++ b/benchmarks/mandatory-access-control/5.7-use-selinux-for-separation-of-powers-system-administrator-login-permission-configuration.md @@ -2,6 +2,7 @@ ## 安全等级 - Level 4 + ## 描述 > * SELinux (security-enhanced Linux)是安全增强的Linux,以强制访问控制(mandatory access control, MAC)技术为基础,应用类型增强(type enforcement, TE)和基于角色访问控制(role-base access control, RBAC)两种安全策略模型。通过MAC技术可以实现对用户和进程权限的最小化,即使在系统受到攻击或者进程和用户的权限被剥夺的情况下,也不会对整个系统的安全造成重大影响。SELinux对访问的控制更彻底,它对系统中的所有文件、目录、端口资源的访问控制都基于一定的安全策略而设定。只有管理员才能定制安全策略,一般用户没有权限更改。因此SELinux为三权分离思想的实现奠定了基础。 -- Gitee From f6270b718ee386d3b2a11d5b3a2f5d4395d6f334 Mon Sep 17 00:00:00 2001 From: "YiLin.Li" Date: Tue, 28 Jun 2022 10:06:36 +0800 Subject: [PATCH 2/2] tools/release: update the pdf name Fixes: #I5ECDN Signed-off-by: YiLin.Li --- tools/release/nameversion.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/release/nameversion.json b/tools/release/nameversion.json index 6fc5a62..3ff1b7c 100644 --- a/tools/release/nameversion.json +++ b/tools/release/nameversion.json @@ -1,4 +1,4 @@ { - "title": "Anolis OS 8 Server Best Practice", + "title": "Anolis OS 8 Server Security Best Practices", "version": "1.0.0" } -- Gitee