Week 11b: MAC Systems & Security Auditing

Goal: Understand the difference between traditional Linux permissions (DAC) and Mandatory Access Control systems (AppArmor/SELinux). Learn to audit your system’s security posture using Lynis and systematically fix vulnerabilities.

Prerequisites: Week 11a (Hardening Foundations)

This is Part 2 of 4 - Covers MAC concepts and security auditing.

1. Understanding Mandatory Access Control (MAC)

What is MAC vs DAC?

DAC (Discretionary Access Control) - Traditional Linux:

- Owner decides who can access their files
- Example: You create secret.txt, you decide who can read it
- Problem: Malware running as your user inherits ALL your permissions
- Weakness: If Firefox is exploited, attacker gets access to everything you own

MAC (Mandatory Access Control) - AppArmor/SELinux: ...
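
To check whether a host has a MAC layer on top of DAC, and whether a given process is confined by it, the following added example (not part of the original course material) reads the standard kernel interfaces under /sys and /proc. The function names `mac_status` and `confinement_of` and the optional root-prefix argument are hypothetical, introduced here so the functions can also be run against a constructed directory tree.

```shell
#!/bin/sh
# mac_status [ROOT]: report which MAC system, if any, the kernel has active.
# ROOT is a hypothetical prefix (default: empty = the live system).
mac_status() {
    root="${1:-}"
    lsm_file="$root/sys/kernel/security/lsm"
    active=""
    if [ -r "$lsm_file" ]; then
        # The kernel lists active LSMs comma-separated,
        # e.g. "lockdown,capability,yama,apparmor".
        for m in $(tr ',' ' ' < "$lsm_file"); do
            case "$m" in apparmor|selinux) active="$m" ;; esac
        done
    fi
    case "$active" in
        apparmor)
            # Module parameter reads "Y" when AppArmor is enabled.
            if [ "$(cat "$root/sys/module/apparmor/parameters/enabled" 2>/dev/null)" = "Y" ]; then
                echo "apparmor:enabled"
            else
                echo "apparmor:disabled"
            fi ;;
        selinux)
            # 1 = enforcing, 0 = permissive (violations logged, not blocked).
            if [ "$(cat "$root/sys/fs/selinux/enforce" 2>/dev/null)" = "1" ]; then
                echo "selinux:enforcing"
            else
                echo "selinux:permissive"
            fi ;;
        *)
            # No MAC module found: processes are limited only by
            # user/group permissions (DAC).
            echo "dac-only" ;;
    esac
}

# confinement_of PID [ROOT]: print the MAC label attached to a process.
# AppArmor shows "unconfined" or "<profile> (<mode>)"; SELinux shows a context.
confinement_of() {
    pid="$1"
    root="${2:-}"
    label=$(cat "$root/proc/$pid/attr/current" 2>/dev/null) || label=""
    [ -n "$label" ] || label="none"
    echo "$label"
}
```

Call `mac_status` with no argument to check the live host, and `confinement_of "$(pgrep -o firefox)"` to see whether a running browser is under a profile; a result of `unconfined` or `none` means only DAC stands between that process and the user's files.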