Skip to Main Content
The concept of Mandatory Access Controls (MAC) enforces a security policy on users. Linux Security Modules (LSM) provides for development of such frameworks. Lothlorien is an exploratory framework using LSM and the POSIX 1.e draft specifications'1 Extended Attributes (EA) to implement MAC on Linux. Lothlorien makes use of system call hooks provided by LSM to place checks on the access to system resources. The entire system is divided logically into different zones where the resources and users of the systems are distributed depending on their security context similar to a real organisation. Along with the already available Discretionary Access Control (DAC) on Linux, Lothlorien intends to achieve TCSEC B1 level of security. A policy will define the rules of access. Separating all the entities of the system allows fine-grained access control.