SELinux/Role-based access control

To provide segregation of duties and privileges based on the least privilege model, many organizations use a role-based implementation for security and privileges. Some roles are not allowed to perform tasks of another role (segregation of duties), and adding privileges to roles is handled with care to make sure people who are assigned the role do not get too many privileges.

RBAC in SELinux
The implementation of Role Based Access Control (RBAC) in SELinux is as follows.




 1. A user is mapped to a SELinux user, which defines the clearance of that user
 2. The SELinux user is allowed one or more roles, effectively restricting which roles a particular user can participate in (segregation of duties)
 3. Roles are allowed certain domains, which are the run-time privileges for one or more applications

It is through the domain permissions that the privileges of a user are controlled. Consider a domain to administer the web server. A role that isn't allowed this domain will not have the ability to run any applications in that domain, effectively restricting the ability of the user to administer the web server.
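
The three-step chain above can be modelled as a small resolver that reports which step denies access. This is an added example, not code from the SELinux project or from this page; the logins, the `webadm_r` role, the `webadm_t` domain and the policy text are constructed sample values, and the parser assumes non-MLS `user ... roles` and `role ... types` statements only.

```python
import re

# Constructed sample data: Linux login -> SELinux user mappings.
LOGINS = {"alice": "staff_u", "bob": "user_u", "__default__": "user_u"}

# Constructed sample policy statements (non-MLS form, illustrative names).
POLICY = """
user staff_u roles { staff_r webadm_r };
user user_u roles user_r;
role staff_r types staff_t;
role user_r types user_t;
role webadm_r types { webadm_t };
"""

def _names(spec):
    """Turn 'x' or '{ x y }' into a set of identifiers."""
    return set(spec.strip("{} \t").split())

def parse_policy(text):
    """Return (user -> allowed roles, role -> allowed domains)."""
    user_roles, role_types = {}, {}
    pattern = r"^(user|role)\s+(\S+)\s+(?:roles|types)\s+([^;]+);"
    for kind, name, spec in re.findall(pattern, text, re.M):
        table = user_roles if kind == "user" else role_types
        table.setdefault(name, set()).update(_names(spec))
    return user_roles, role_types

def check(login, role, domain, logins=LOGINS, policy=POLICY):
    """Walk the chain login -> SELinux user -> role -> domain."""
    user_roles, role_types = parse_policy(policy)
    # Step 1: map the Linux login to a SELinux user (or the default mapping).
    seuser = logins.get(login, logins["__default__"])
    # Step 2: the SELinux user must be allowed the requested role.
    if role not in user_roles.get(seuser, set()):
        return (False, f"{seuser} is not allowed role {role}")
    # Step 3: the role must be allowed the requested domain.
    if domain not in role_types.get(role, set()):
        return (False, f"{role} is not allowed domain {domain}")
    return (True, f"{seuser}:{role}:{domain}")

if __name__ == "__main__":
    for args in [("alice", "webadm_r", "webadm_t"),
                 ("bob", "webadm_r", "webadm_t"),
                 ("alice", "staff_r", "webadm_t")]:
        print(args, "->", check(*args))
```

Here `bob` is stopped at step 2 (his SELinux user is not allowed the web administration role), while `alice` in `staff_r` is stopped at step 3 because that role is not allowed the web server administration domain.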