On Linux, SELinux provides a form of mandatory access control that can lock down applications. While that can be helpful for thwarting system level attacks, SELinux might not help if all the application is trying to do is get at data, Kandek noted.
“I see SELinux as good security infrastructure measure, and it helps a lot for people that are trying to take control of the machine that the application runs on,” Kandek said.