From Gentoo Wiki
Jump to:navigation Jump to:search

SELinux uses the Linux Security Modules (LSM) as the implementation to handle enforcement within the Linux kernel. All actions taken on the system which invokes Linux kernel calls (such as system calls) are also passed through LSM, and SELinux adds LSM hooks so that SELinux too can participate in deciding if a call is to be allowed or not.