Topics

Enabling SELinux in an application #selinux


Cguerin@...
 

I am with The Middleby Corporation.  We manufacture a wide variety of commercial ovens, ice machines, coffee brewers, microwaves, soft-serve machines and virtually anything you’d find in a commercial restaurant kitchen.  Much of our equipment has a touch-screen display on it – often 4.3” to 10.1” in size.  This is part of an embedded control system that includes a separate I/O board to talk to motors, heating elements, etc.  The touch-screen control are most often running Yocto Linux with a QT or similar application running on top of Linux.  Recently, we have been asked to explore enabling SELinux security provisions in our applications.  In speaking with several of our vendors, they all indicated they don’t generally need to enable SELinux and have never done so in the past.  

I now know what SELinux is, but I can’t get a good answer if it even is needed to be enabled on a touch-screen application on equipment that a 16 year old kid generally operates.  We often do have USB ports on our equipment for software updates and some is connected to the internet as well, but I still don’t see how the security access provisions in SELinux are needed for our application. 

Lastly, I'm not a programmer. I manage the business end of all of Middleby's electronic controls, so the aim of this message is to ask for general guidance regarding the need for SELinux or not.  


Rudolf J Streif
 

Hi,

There is no simply answer to your question. Most generally speaking any type of security, not just for computers and embedded systems, is a tradeoff between risk and cost.

The fact that your appliances have USB ports and are potentially connected to the Internet makes them vulnerable for attacks. They can potentially be used to gain access to your appliances, put malicious software on them, potentially damage them. be used as bots for cyber attacks, etc. An expert and embedded security can assess the risk by examining your appliances, software etc. You only can assess the risk for your business and the business of your customers. What will it mean for a customer and your business if multiple appliances are hacked and not functioning anymore and the customer cannot deliver their product and services possibly for days until you are able to reinstall the software? What does that mean for your business if that happens at many of your customers' locations at the same time?

It does not need to be professional hackers that are out for financial gain doing that. Your proverbial 16 year old kid operating the equipment could be an aspiring embedded systems engineer who is curious about what's behind the scenes of the appliances.

It's never a bad idea to think about security for your embedded systems. Having done a whole lot deal of embedded systems in automotive and explicitly for securing content and devices for digital television I can only advise you to take it seriously. It's better to be proactive then reactive. Bad embedded systems security practices are all around. Just because your vendors have not done it does not really mean anything.

SELinux is only one consideration. There are other things that go into hardening an embedded system.

Best regards,
Rudi

On 4/21/20 11:50 AM, Cguerin@... wrote:

I am with The Middleby Corporation.  We manufacture a wide variety of commercial ovens, ice machines, coffee brewers, microwaves, soft-serve machines and virtually anything you’d find in a commercial restaurant kitchen.  Much of our equipment has a touch-screen display on it – often 4.3” to 10.1” in size.  This is part of an embedded control system that includes a separate I/O board to talk to motors, heating elements, etc.  The touch-screen control are most often running Yocto Linux with a QT or similar application running on top of Linux.  Recently, we have been asked to explore enabling SELinux security provisions in our applications.  In speaking with several of our vendors, they all indicated they don’t generally need to enable SELinux and have never done so in the past.  

I now know what SELinux is, but I can’t get a good answer if it even is needed to be enabled on a touch-screen application on equipment that a 16 year old kid generally operates.  We often do have USB ports on our equipment for software updates and some is connected to the internet as well, but I still don’t see how the security access provisions in SELinux are needed for our application. 

Lastly, I'm not a programmer. I manage the business end of all of Middleby's electronic controls, so the aim of this message is to ask for general guidance regarding the need for SELinux or not.  



    
-- 
-----
Rudolf J Streif
CEO/CTO ibeeto
+1.855.442.3386 x700


Khem Raj
 

On 4/21/20 11:50 AM, Cguerin@... wrote:
I am with The Middleby Corporation.  We manufacture a wide variety of
commercial ovens, ice machines, coffee brewers, microwaves, soft-serve
machines and virtually anything you’d find in a commercial restaurant
kitchen.  Much of our equipment has a touch-screen display on it – often
4.3” to 10.1” in size.  This is part of an embedded control system that
includes a separate I/O board to talk to motors, heating elements, etc. 
The touch-screen control are most often running Yocto Linux with a QT or
similar application running on top of Linux.  Recently, we have been
asked to explore enabling SELinux security provisions in our
applications.  In speaking with several of our vendors, they all
indicated they don’t generally need to enable SELinux and have never
done so in the past.  

I now know what SELinux is, but I can’t get a good answer if it even is
needed to be enabled on a touch-screen application on equipment that a
16 year old kid generally operates.  We often do have USB ports on our
equipment for software updates and some is connected to the internet as
well, but I still don’t see how the security access provisions in
SELinux are needed for our application. 
Generally devices having ports, or being connected to Internet can
become a door to your network and cause some serious damage, so you
sould assess the security needs for your devices, I would think. As far
as technologies needed to achieve security needs SELinux is one of many
options, you have apparmor, tomoyo, and other MAC technologies, and I
would think you should do some experiments to see which of these will
fit your needs to manage MAC. Then there are other methods to address
security concerns.

Lastly, I'm not a programmer. I manage the business end of all of
Middleby's electronic controls, so the aim of this message is to ask for
general guidance regarding the need for SELinux or not.
I would think you need security, SELinux is one cog in the wheel and
there are other options, I would think doing some proof of concept
within your setups after you have done some security analysis, would be
the steps to take.