Security-Enhanced Linux (SELinux)

Security is always an ongoing concern for Linux system administrators, and if it is not, it should be. The variety and number of threats to server security are profound, and smart server administrators are proactive in securing their dedicated servers from would-be attackers, viruses, and vulnerabilities.

Security-Enhanced Linux (SELinux) was originally developed for the US National Security Agency (NSA) to provide access control policies for Linux servers. The policies are applied at the kernel level using Linux kernel modules. Because of this, it can be applied to any Linux distribution and even other Unix-like operating systems.

When SELinux was released to the open source community, Red Hat Enterprise Linux (RHEL) adopted it, and it now comes with each release. Other Red Hat-based distributions, such as CentOS, also come with SELinux enabled. Distributions such as Debian and SUSE Linux Enterprise 11 also have some support for SELinux. Full adoption from major distributions, however, has remained sparse. Some prefer competing software like AppArmor, which claims to be more user-friendly and easier to implement.

Many desktop Linux users will disable SELinux, viewing it as overkill for basic computing, but for servers, it adds a layer of security features that can be very useful for more complex policy schemes.

For more information about Security-Enhanced Linux and its documentation, see the NSA website.