An Introduction to SELinux

Way back in kernel 2.6, a new security system was introduced to provide a mechanism for supporting access control security policies. This system was Security Enhanced Linux (SELinux) and was introduced by the National Security Administration (NSA) to incorporate a strong Mandatory Access Control architecture into the subsystems of the Linux kernel.

If you’ve spent your entire Linux career either disabling or ignoring SELinux, this article is dedicated to you — an introduction to the system that lives “under the hood” of your Linux desktop or server to limit privilege or even eliminate the possibility of damage should programs or daemons become compromised.