TechTarget.com/searchdatacenter

https://www.techtarget.com/searchdatacenter/definition/SELinux-Security-Enhanced-Linux

SELinux (Security-Enhanced Linux)

By Gavin Wright

What is SELinux (Security-Enhanced Linux)?

SELinux, or Security-Enhanced Linux, is a part of the Linux kernel that acts as a protective agent for the OS. In the Linux kernel, SELinux is a mandatory access control (MAC) mechanism that restricts programs with rules and policies set by the system administrator.

MAC is a higher level of access control than the standard discretionary access control (DAC) that was originally part of Linux. It prevents security breaches in the system by restricting processes so they can only access files, data, and other resources that the administrator preapproves.

SELinux was initially released as a collaboration between Red Hat and the National Security Agency. SELinux receives periodic updates and additions as new Linux distributions are released. The SELinux kernel separates policy and decisions inside the kernel to distribute levels of protection and prevent a total security breach.

SELinux acts under the least-privilege model. SELinux only grants access if the administrator writes a specific policy to do so. It is implemented as part of the Linux Security Module (LSM) framework, which is hooked into the Linux kernel. Because it exists on top of the traditional Linux security context enforcement, SELinux can even prevent a compromised root user from accessing protected data.

SELinux is best used in high-security environments where applications and associated data must be kept separate. Some examples where it is valuable would be in publicly accessible servers, cloud servers, containerized workloads, and government use. Because it requires additional work to set up and validate the access policies, it might not be recommended for home or workstation use.

How does SELinux work?

In an SELinux check, there are three main components: the subject, the object, and the security server.

What is SELinux labeling?

An SELinux label is the information attached to every subject and object. The labels are evaluated against the security policy to determine if access should be granted or denied. The label has four components: the user, role, type and range (sensitivity or category).

An example SELinux object label for the /home directory is system_u:object_r:home_root_t:s0.

What are SELinux modes?

There are three modes of SELinux: Enforcing, Permissive and Disabled.
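
The pieces described above (a labeled subject, a labeled object, a decision by the security server, and a mode that determines what happens on a denial) can be modeled in a few lines. This is an added example, not code from SELinux or from the original article; the rule table, the httpd_t subject label and the simplified denial record are constructed for illustration, and the decision looks only at the type field.

```python
from dataclasses import dataclass

MODES = ("enforcing", "permissive", "disabled")

@dataclass(frozen=True)
class Label:
    user: str
    role: str
    type: str
    range: str  # sensitivity/category range, e.g. "s0" or "s0-s0:c0.c1023"

def parse_label(text):
    # The range may itself contain ':' (sensitivity:categories),
    # so split on the first three colons only.
    parts = text.strip().split(":", 3)
    if len(parts) != 4 or not all(parts):
        raise ValueError(f"not a user:role:type:range label: {text!r}")
    return Label(*parts)

# Constructed toy rules: (subject type, object type, class) -> permissions.
# Anything not listed is denied, mirroring the least-privilege default.
ALLOW = {
    ("httpd_t", "httpd_sys_content_t", "file"): {"getattr", "open", "read"},
    ("httpd_t", "home_root_t", "dir"): {"getattr", "search"},
}

def check(subject, obj, tclass, perm, mode="enforcing"):
    """Toy security server: return (access_granted, audit_record_or_None)."""
    if mode not in MODES:
        raise ValueError(f"unknown mode: {mode!r}")
    if mode == "disabled":
        return True, None  # no SELinux decision is made at all
    s, o = parse_label(subject), parse_label(obj)
    if perm in ALLOW.get((s.type, o.type, tclass), set()):
        return True, None
    record = (f"denied {{ {perm} }} scontext={subject} tcontext={obj} "
              f"tclass={tclass} permissive={int(mode == 'permissive')}")
    # Permissive logs the denial but lets the access proceed.
    return mode == "permissive", record

if __name__ == "__main__":
    httpd = "system_u:system_r:httpd_t:s0"     # constructed subject label
    home = "system_u:object_r:home_root_t:s0"  # object label from the text
    for m in MODES:
        print(m, check(httpd, home, "dir", "write", m))
```

In permissive mode the write is allowed but still produces a denial record, which is why that mode is useful for validating a policy before enforcing it.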

AppArmor vs. SELinux

SELinux's main competitor, AppArmor, is available on the SUSE Linux Enterprise Server, openSUSE and other platforms. AppArmor builds upon DAC, making it more secure and making it mandatory. SELinux, on the other hand, is a completely separate system that does not use the preexisting file access controls.

While SELinux uses the type enforcement system to provide security on the servers, AppArmor does not assign types and instead uses configuration files to grant, restrict and deny access.

SELinux on Android

Android is based on Linux and uses SELinux as a security mechanism. SELinux was first introduced in Android in version 4.3 and was fully enforced starting in version 5.0. SELinux is important to the overall Android mobile security model, as it is used to separate the various system processes and apps and to keep them from reading data that they shouldn't have access to.

SELinux enforcing mode is used in Android to keep apps from directly accessing private data in other apps or other system resources. For example, if SELinux were disabled or set to permissive, a malicious app could easily access a protected banking app or location data.

SELinux in RHEL 7.3

In Red Hat Enterprise Linux (RHEL) 7.3, Red Hat significantly improved SELinux through enhanced administrator policy control. Admins can now create a custom module with a higher priority than the original system module. This new feature allows IT to override the system module and place customizable features that take precedence on the server.

Organizations can use SELinux or AppArmor to protect their Linux servers but should first examine the differences between them to see which is the best fit.

05 Jun 2024
