Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| centos7:1:6 [2017/05/05 23:42] – created Piotr Kłoczewski | centos7:1:6 [2017/05/06 15:24] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== 1.6 Mandatory Access Control ====== | ====== 1.6 Mandatory Access Control ====== | ||
| + | ==== List of content ==== | ||
| + | {{indexmenu> | ||
| + | ==== Description ==== | ||
| Mandatory Access Control (MAC) provides an additional layer of access restrictions to processes on top of the base Discretionary Access Controls. By restricting how processes can access files and resources on a system the potential impact from vulnerabilities in the processes can be reduced. | Mandatory Access Control (MAC) provides an additional layer of access restrictions to processes on top of the base Discretionary Access Controls. By restricting how processes can access files and resources on a system the potential impact from vulnerabilities in the processes can be reduced. | ||
| + | =====Impact===== | ||
| + | Mandatory Access Control limits the capabilities of applications and daemons on a system, while this can prevent unauthorized access the configuration of MAC can be complex and difficult to implement correctly preventing legitimate access from occurring. | ||