Understanding SELinux

Security Enhanced Linux (SELinux) is a kernel module intended to increase security by enforcing the Mandatory Access Control. This concept gives you the control to ensure that users and applications are only able to access the things that they absolutely need to in order to complete the tasks they are designated to perform. While firewalls help protect the system against intrusion from the outside, SELinux helps prevent resources on the inside from doing things that they aren't supposed to be doing. This may sound vague, because it is how SELinux is used, and how you can benefit from it depends solely on how you implement it. Want to prevent a user from making a very private file world-readable? Sure, you can do that. Perhaps ...

Get Mastering Linux Network Administration now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.