Main / Selinux

Security Enhanced Linux = Linux with add-on tools that restrict file access, program interaction, signalling, etc., with admin-controlled, policy-defined, role-based authentication. Mandatory Access Control (MAC) allows the kernel to enforce rules on user processes.

Policies are compiled into binaries. Policy directories are /etc/selinux/ for Debian and /etc/security/selinux/src/policy under Red Hat. The policy is loaded by /sbin/init or /linuxrc right as the kernel transitions into user-space processing.

SELinux output is logged to the kernel log (read it with dmesg), and the context field can be decoded like so:

  scontext=<identity>:<user role>:<user domain>  (source context of user issuing command)

Note: SELinux identity is different from Unix uid.
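
The decoding above, as an added example that is not part of the original page: a small parser that pulls AVC messages out of dmesg text, splits each context into identity, role and domain, and groups denied permissions by source domain and target. The sample log lines are constructed; the `tcontext` and `tclass` fields and the optional fourth (MLS level) context field come from the standard AVC message format rather than from this page.

```python
import re

# Constructed sample dmesg output (not taken from the original page).
SAMPLE_DMESG = """\
avc:  denied  { read } for  pid=1234 exe=/usr/bin/less path=/etc/shadow dev=03:02 ino=4321 scontext=jdoe:user_r:user_t tcontext=system_u:object_r:shadow_t tclass=file
eth0: link up, 100Mbps, full-duplex
audit(1357241460.123:57): avc:  denied  { name_bind } for  pid=2201 comm="httpd" src=8081 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket
audit(1357241475.456:58): avc:  denied  { getattr } for  pid=2230 comm="ls" scontext=jdoe:staff_r:staff_t:s0-s0:c0.c1023 tcontext=system_u:object_r:shadow_t:s0 tclass=file
"""

AVC_RE = re.compile(r"avc:\s+(granted|denied)\s+\{\s*([^}]*?)\s*\}")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def split_context(ctx):
    """Split <identity>:<role>:<domain>[:<level>]; the level may itself contain ':'."""
    parts = ctx.split(":", 3)
    if len(parts) < 3 or not all(parts[:3]):
        raise ValueError("not a security context: %r" % ctx)
    return {"identity": parts[0], "role": parts[1], "domain": parts[2],
            "level": parts[3] if len(parts) == 4 else None}

def parse_avc(line):
    """Return a dict for an AVC message, or None for unrelated kernel output."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = {k: v.strip('"') for k, v in FIELD_RE.findall(line[m.end():])}
    if "scontext" not in fields or "tcontext" not in fields:
        return None
    return {"result": m.group(1), "perms": m.group(2).split(),
            "source": split_context(fields["scontext"]),  # who issued the request
            "target": split_context(fields["tcontext"]),  # object acted on (third field is its type)
            "tclass": fields.get("tclass"), "pid": fields.get("pid")}

def summarize(text):
    """Group denied permissions by (source domain, target type, object class)."""
    summary = {}
    for line in text.splitlines():
        rec = parse_avc(line)
        if rec and rec["result"] == "denied":
            key = (rec["source"]["domain"], rec["target"]["domain"], rec["tclass"])
            summary.setdefault(key, set()).update(rec["perms"])
    return summary

if __name__ == "__main__":
    for (src, tgt, cls), perms in sorted(summarize(SAMPLE_DMESG).items()):
        print("%s -> %s:%s { %s }" % (src, tgt, cls, " ".join(sorted(perms))))
```

The identity printed in `source` is the SELinux identity from the context, so two denials with the same Unix uid can still show different identities and roles.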

http://www.lurking-grue.org/selinuxHOWTO.html


Page last modified on January 03, 2013, at 07:51 PM