I have just decided to learn SELinux and to demonstrate how to use it for my final year project.
My main problem comes in the implementation area.After learning how to write the policies, how can use this knowledge to demonstarte to the board ie is there a system i can come up with to show how SELinux is used.
Show some cases where you demonstrate what happens with a policy enabled / disabled.
Basic example: root can write to /sensitive-data (policy disabled); root can not write to /sensitive-data, and can not give himself access to do so (policy enabled).
What I did when I had to make the Windows Files Invunerable is write a simple Virus that just deletes all the files..
If you just make something like that in Linux, I think you can show what it does.
Show that a Attacker first is a User, then uses a Exploit Script to become root and then Compiles a Virus.
Well he can do that with SElinux off. But when SElinux is on he cant.