Security Enhanced Linux
SELinux was developed by the National Security Agency in the United States. SELinux is software to protect against some kinds of security attacks, to limit the success of others, and to log much additional information. SELinux is included in the stock 2.6 Linux kernel; therefore, it's no longer necessary to add the SELinux patch to the kernel to take advantage of its enhancements.
SELinux works by placing processes inside of a sandbox known as a domain. By limiting processes to their own sandbox or domain, it limits the damage that can be done by an attacker who uses that process to gain or escalate privilege.
This section gives an elementary overview of SELinux. If you'd like to explore SELinux further, I recommend visiting ...
Get Linux Firewalls, Third Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
