SELinux

SELinux is a mandatory access control system which enables a more fine-grained mechanism where the security administrator defines what a user can do. Unlike the standard discretionary access control in place for Linux (where the end user can still decide for himself how his resources are accessed by others) a mandatory access control system is fully governed through a security policy. With SELinux, enforcement of the access controls is done by the Linux kernel, governed through a security policy that is loaded at start of the system.

Introduction


Linux has a well-known discretionary access control system, based on the permission mask set on resources and the ownership of the resource versus the run-time privileges of a process. Some additional security features are available as well, such as capabilities and extended ACLs, which allow administrators to fine-tune the secure state of their system. But even all those features still prove to be discretionary in their model.

A discretionary model means that the owner of a resource can still decide how the resource is shared on the system. A directory can be made world-writable by its owner, and from that point onwards all processes on the system can write to the directory. With a mandatory access control system, the access to resources is governed through a mandatory system that cannot be worked around from. With SELinux, this is the SELinux security subsystem running in the Linux kernel.

SELinux resources
A quick introduction to SELinux helps to have a high-level idea behind the SELinux security subsystem. It covers the difference between discretionary and mandatory access control, the labeled approach that SELinux takes and how it is integrated in the Linux operating system.

For more in-depth information, please refer to the following resources.

Development
For engineers and developers, we provide the following resources:

Learning SELinux
We also provide the following resources to gradually learn about SELinux.

SELinux in Gentoo
The integration of SELinux in Gentoo is handled by the SELinux subproject of the Gentoo Hardened project.

Problems with SELinux in Gentoo?
 * Report a bug in bugzilla

Want some help?
 * Try the gentoo-hardened mailinglist
 * Call out to us through IRC on freenode's  channel

Support state
SELinux userspace SELinux policies
 * Upstream: 2.3 (stable)
 * Gentoo: 2.3 (~arch), 2.2 (stable)
 * Upstream: 20140311
 * Gentoo: 20140311 (stable)

External resources

 * The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments explains the need for mandatory access controls
 * The Flask Security Architecture: System Support for Diverse Security Policies explains the security architecture of Flask, the architecture used by SELinux.