Chapter 2. Overview of the SELinux Security Model

The main purpose of this chapter is to introduce you to SELinux terms and concepts helpful in the installation and initial configuration of SELinux, which is covered in Chapter 3. This chapter presents an overview of the security model implemented by SELinux, which is based on the Flask architecture designed by the NSA. (SELinux is ultimately grounded on principles that have guided the design and administration of highly secure military systems for decades, such as those described in the so-called “Orange Book.”[5]) Because of this chapter’s practical aim, its emphasis is on basic Flask and SELinux concepts and terms. Chapter 5 explains the SELinux security model in greater detail. In addition to providing an overview of SELinux functions, Chapter 5 provides an overview of SELinux architecture, describing each major SELinux component.

Subjects and Objects

Like other onetime elementary and secondary students, you’ve probably endured many school lectures on the subject of English grammar. If you’re old enough, you may even have endured that most feared exercise of secondary education (which is now largely extinct): the sentence diagram, like that shown in Figure 2-1.

Figure 2-1. A simple sentence diagram

At the time of your elementary and secondary studies, the various parts of speech—nouns, verbs, adjectives, adverbs, and so on—and components ...
