Exploring SELinux

Exploring SELinux: An Overview

In the coming weeks, we at the Linux Academy blog will be exploring SELinux — or Security Enhanced Linux. SELinux provides users fine-grain control over access and permissions on their Linux servers and workstations. Today, we will explore the implications of using SELinux, before diving into SELinux policies and command line options in part two.

SELinux is a kernel module written by the NSA and Red Hat that grants system owners extended access control, allowing for a greater permissions profile to constrain users and applications from accessing resources. Beyond the traditional “read, write, execute” permissions on a basic Linux system, SELinux grants administrators the ability to restrict linking, moving and appending files and more. Additionally, access control is defined using policies, which average users cannot alter either purposely or accidentally. (more…)