SELinux (Security-Enhanced Linux)
Search Data Center, Thursday, June 6th, 2024
By Gavin WrightTim Culverhouse, Site Editor What is SELinux (Security-Enhanced Linux)? SELinux, or Security-Enhanced Linux, is a part of the Linux kernel that acts as a protective agent to the OS. In the Linux kernel, SELinux is a mandatory access controls (MAC) mechanism that restricts programs with rules and policies set by the system administrator.
MAC is a higher level of access control than the standard discretionary access control (DAC) that was originally part of Linux. It prevents security breaches in the system by restricting processes so they can only access files, data, and other resources that the administrator preapproves.
SELinux was initially released as a collaboration between Red Hat and the National Security Agency. SELinux receives periodic updates and additions as new Linux distributions are released. The SELinux kernel separates policy and decisions inside the kernel to distribute levels of protection and prevent a total security breach.