Linux security frameworks

Linux security frameworks restrict unauthorized access by defining a policy and a set of predefined rules. In this article we look their purpose and how they work.

Purpose of security frameworks

Linux security frameworks aim to enforce mandatory access controls (MAC). This is a way of saying to restrict the actions that processes and users can perform on the system. Unlike discretionary access controls (DAC), which rely on the discretion of users and processes, MAC frameworks enforce policies defined by the system administrator. This proactive approach enhances the overall security posture of Linux systems by limiting the impact of potential security breaches. It may help in countering specific attacks and limit the impact of discovered vulnerabilities.

AppArmor

AppArmor is a profile-based security security framework for Linux. In this article we look at the basics of this security framework, its purpose and features.

SELinux

SELinux is a well-known security framework on Linux systems. Let's have a look at the basics of this framework, such as its purpose and features.