SELinux

SELinux is a well-known security framework on Linux systems like Red Hat Enterprise Linux. Let’s have a look at the basics of this framework, such as its purpose and features.

History

SELinux was developed by the National Security Agency (NSA) and integrated into many Linux distributions, including Red Hat Enterprise Linux (RHEL) and CentOS.

Purpose

SELinux is a mandatory access control (MAC) framework that enforces fine-grained access controls. It does this by labeling files, processes, and network ports with security contexts, and by defining policies that dictate which interactions between these entities are permitted. Anything the policy does not permit is blocked.

SELinux aims to provide strong isolation and confinement of processes. The benefit is reducing the attack surface of the system and mitigating the impact of current and future security vulnerabilities.

Main features

  • Type Enforcement: SELinux uses a type enforcement model to categorize processes and objects based on security contexts, enabling granular control over access permissions.
  • Role-Based Access Control (RBAC): SELinux supports RBAC, allowing administrators to define roles and assign permissions to users based on their roles.
  • Multi-Level Security (MLS): SELinux supports MLS, enabling different sensitivity levels for data and ensuring strict separation between classified information.
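The labeling and default-deny behaviour described under Purpose, together with the Type Enforcement feature above, can be modelled in a few lines. This is an added example, not code from the article or from SELinux itself: it is a simplified model that handles only plain `allow` rules between types, and the policy snippet and contexts are constructed samples.

```python
import re

# Matches "allow source_t target_t:class perm;" and the "{ perm perm }" set form.
ALLOW_RE = re.compile(
    r"allow\s+(\w+)\s+(\w+)\s*:\s*(\w+)\s+(?:\{([^}]*)\}|(\w+))\s*;")

def parse_context(ctx):
    """Split a security context 'user:role:type[:level]' into its fields."""
    # The MLS level may contain colons itself (s0:c12,c34), so split at most 3 times.
    parts = ctx.split(":", 3)
    if len(parts) < 3:
        raise ValueError(f"not a security context: {ctx!r}")
    level = parts[3] if len(parts) == 4 else None
    return {"user": parts[0], "role": parts[1], "type": parts[2], "level": level}

def load_rules(policy_text):
    """Build {(source_type, target_type, class): {permissions}} from allow rules."""
    rules = {}
    for src, tgt, cls, perm_set, single in ALLOW_RE.findall(policy_text):
        rules.setdefault((src, tgt, cls), set()).update((perm_set or single).split())
    return rules

def is_allowed(rules, source_ctx, target_ctx, tclass, perm):
    """Type enforcement decision: only the type fields matter, default is deny."""
    src = parse_context(source_ctx)["type"]
    tgt = parse_context(target_ctx)["type"]
    return perm in rules.get((src, tgt, tclass), set())

# Constructed sample policy and labels (assumed for illustration).
POLICY = """
allow httpd_t httpd_sys_content_t:file { read getattr open };
allow httpd_t http_port_t:tcp_socket name_bind;
"""
RULES = load_rules(POLICY)
WEB_SERVER = "system_u:system_r:httpd_t:s0"               # process label
WEB_CONTENT = "system_u:object_r:httpd_sys_content_t:s0"  # file label
SHADOW = "system_u:object_r:shadow_t:s0"                  # file label
HTTP_PORT = "system_u:object_r:http_port_t:s0"            # port label

if __name__ == "__main__":
    checks = [(WEB_CONTENT, "file", "read"), (WEB_CONTENT, "file", "write"),
              (SHADOW, "file", "read"), (HTTP_PORT, "tcp_socket", "name_bind")]
    for target, tclass, perm in checks:
        verdict = "allowed" if is_allowed(RULES, WEB_SERVER, target, tclass, perm) else "denied"
        print(f"httpd_t -> {parse_context(target)['type']}:{tclass} {perm}: {verdict}")
```

Real policies also use attributes, booleans, constraints, and MLS checks, which this model leaves out.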

Feedback

This article has been written by our Linux security expert Michael Boelen. With focus on creating high-quality articles and relevant examples, he wants to improve the field of Linux security. No more web full of copy-pasted blog posts.