The most significant security feature of any Linux system is providing access control—often called
Discretionary Access Control (DAC)—which allows the owner of an object (such as a file) to set security attributes for it (for example, deciding who can read or write to a file using the
chmod commands). While this old and very simple security system was sufficient in ancient UNIX times, it does not meet all the modern requirements of security, where servers and services are constantly connected to the Internet.
Often, security breaches can be initiated by attackers exploiting buggy or misconfigured applications and the permissions to them. This is why the SELinux has been developed. Its ...