Understanding SELinux
Security Enhanced Linux (SELinux) is a kernel module intended to increase security by enforcing the Mandatory Access Control. This concept gives you the control to ensure that users and applications are only able to access the things that they absolutely need to in order to complete the tasks they are designated to perform. While firewalls help protect the system against intrusion from the outside, SELinux helps prevent resources on the inside from doing things that they aren't supposed to be doing. This may sound vague, because it is how SELinux is used, and how you can benefit from it depends solely on how you implement it. Want to prevent a user from making a very private file world-readable? Sure, you can do that. Perhaps ...
Get Mastering Linux Network Administration now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.