Announcement:This project will no longer be maintained separately. SELinux policy for bitcoind is now included with the Bitcoin RPM packages (and policy for bitcoin-qt will follow shortly).
I'm doing my part to help secure Bitcoin by developing a SELinux policy module for it. This was developed on Fedora 15 but it should work fine on any recent SELinux-enabled Linux distribution using the targeted policy. To the best of my knowledge, this also includes Red Hat Enterprise, Gentoo Hardened, Debian, and SuSE. There may also be others.
What this does: SELinux
provides mandatory access control, permitting users and applications to access only what they absolutely need in order to accomplish given tasks. It prohibits access to resources not in the allowed list, even if a program is exploited to otherwise elevate privileges. This SELinux policy allows Bitcoin to use the files and resources it needs and denies all other access.
This is a WORK IN PROGRESS. I've already identified some things that need to be improved in the policy, and some changes that need to be made to bitcoin itself, before this reaches its full potential as a way to secure wallet.dat from unauthorized access on a live system. I hope you'll subscribe to the thread if you're interested, and if you're REALLY interested, send some bitcoins to 12gVBZMePKdsH4NeegNn6kdJ5XotfPxF76Donate:
(release 5)Install or update:
tar -zxvf bitcoin-selinux.tar.gz
su -c ./bitcoin.sh
When updating, you may see warnings about ports 8332, 8333 and 18333 already being defined in your security policy. These can be safely ignored.Use:
Restart Bitcoin or bitcoind after installing (or updating) the policy.
This policy includes one boolean, bitcoin_use_full_network. Enabling this boolean is required for UPnP to work.
This boolean has been removed; UPnP support is in the SELinux policy since release 5.How to test:
1. Set SELinux to permissive mode:
2. Run Bitcoin or bitcoind with the policy installed.
3. Check for AVC denials (replace date and time with the time you started Bitcoin):
ausearch --start 07/04/2011 04:19:57 -m avc --raw -se bitcoin
4. This command should return nothing. If you see any output, paste it here.
5. When finished, set SELinux to enforcing mode:
Separate permissions for bitcoin and bitcoind (bitcoind really doesn't need to access fonts or the X display)
Special policy for wallet.dat to secure it against unauthorized access (doing this right may require significant changes to the bitcoin client)
2011-07-19: Release 5
Added proper UPnP support. Removed boolean which was being used as a workaround.
2011-07-18: Release 4
Added port 18333 for Bitcoin testnet
Added permission for bitcoin to send signals to itself
2011-07-16: Release 3
Fixed bitcoin permission to read local GNOME/KDE configuration.
2011-07-15: Release 2
Fixed bitcoind permission to read/write to tty.
Added label for /var/lib/bitcoin for future use.
2011-07-04: First release.