11 Facts About SELinux

SELinux is a set of kernel modifications and user-space tools that have been added to various Linux distributions.

The key concepts underlying SELinux can be traced to several earlier projects by the United States National Security Agency .

From a purist perspective, SELinux provides a hybrid of concepts and capabilities drawn from mandatory access controls, mandatory integrity controls, role-based access control, and type enforcement architecture.

SELinux was designed to demonstrate the value of mandatory access controls to the Linux community and how such controls could be added to Linux.

Originally, the patches that make up SELinux had to be explicitly applied to the Linux kernel source; SELinux was merged into the Linux kernel mainline in the 2.

Related searches

Comprehensive list of the original and external contributors to SELinux was hosted at the NSA website until maintenance ceased, sometime 2009.

For every current user or process, SELinux assigns a three string context consisting of a username, role, and domain .

SELinux adds the -Z switch to the shell commands ls, ps, and some others, allowing the security context of the files or process to be seen.

SELinux is popular in systems based on linux containers, such as CoreOS Container Linux and rkt.

SELinux is available since 2005 as part of Red Hat Enterprise Linux version 4 and all future releases.

SELinux represents one of several possible approaches to the problem of restricting the actions that installed software can take.