Chapter 3. Architecture

In this chapter

• 3.1 The Kernel Architecture

• 3.2 Userspace Object Managers

• 3.3 SELinux Policy Language

• 3.4 Summary

• Exercises

This chapter provides an overview of the SELinux design and its policy language. The SELinux architecture reflects its origins in secure microkernel research. It integrates itself into the kernel using the Linux Security Module (LSM) framework. This architecture is also extensible into user-space servers. The SELinux policy language is flexible, allowing an organization to implement a variety of security goals via mandatory access controls.

3.1 The Kernel Architecture

SELinux provides enhanced access control over all kernel resources. In its current form, SELinux is incorporated into the ...

Get SELinux by Example: Using Security Enhanced Linux now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.