Anatomy of Security-Enhanced Linux (SELinux)

Architecture and implementation

From the developerWorks archives

M. Tim Jones

Date archived: April 18, 2019 | Last updated: May 17, 2012|First published: April 29, 2008

Linux has been described as one of the most secure operating systems available, but the National Security Agency (NSA) has taken Linux to the next level with the introduction of Security-Enhanced Linux (SELinux). SELinux takes the existing GNU/Linux operating system and extends it with kernel and user-space modifications to make it bullet-proof. If you're running a 2.6 kernel today, you might be surprised to know that you're using SELinux right now! This article explores the ideas behind SELinux and how it's implemented.

17 May 2012 - In response to reader comment, corrected three broken links in Resources: 1) NSA Web site for SELinux, 2) introduction to SELinux policy configuration, 3) openSUSE.

This content is no longer being updated or maintained. The full article is provided "as is" in a PDF file. Given the rapid evolution of technology, some content, steps, or illustrations may have changed.

ArticleTitle=Anatomy of Security-Enhanced Linux (SELinux)