SECURITY ENHANCED LINUX(SELinux)
Security-Enhanced Linux (SELinux) is a security architecture integrated into the Linux kernel using the Linux Security Modules . It is developed by the United States National Security Agency and the SELinux community. SELinux implementation into Red Hat Enterprise Linux was a joint effort between the NSA and Red Hat. SELinux is an implementation of a Mandatory Access Control permission system (MAC) in the Linux kernel. This type of access control differs from Discretionary Access Control systems (DAC) like ACLs and standard Unix permissions, in how the access to a resource is provided. In the case of Mandatory Access Control permission system is not the owner of a resource the one who decides who and how can access it: this access is based on the relationships between domains and labels, controlled by a policy and enforced at the kernel level.
SELinux has three modes:
• Enforcing: SELinux is enforcing access control rules. Computers generally run in this mode.
• Permissive: SELinux is active but instead of enforcing access control rules, it records warnings of
rules that have been violated. Permissive mode is mainly used for testing and troubleshooting.
• Disabled: SELinux is turned off entirely: no SELinux violations are ignored, nor even recorded.
What is the SELinux Policy?
The SELinux Policy is the set of rules and regulations that guide the SELinux security engine. SELinux policy specify types for file objects and domains for processes. SELInux uses roles to limit the domains that can be entered, and has user identities to specify the roles that can be attained. In essence, types and domains are equivalent, the difference being that types apply to objects while domains apply to processes.
SELinux File Labelling
All files, directories, devices, ports, and processes have a security context associated with them. For files, the context is stored in the extended attributes of the file system. Problems with SELinux often arise from the file system being mislabeled. If you identify an error containing file_t, that is usually an indicator that you have a problem with file system labelling.
SELinux Context
The SELinux context provides additional details such as SELinux user, role, type, and level. When running SELinux, all of this details is used to make access control decisions.
SELinux (Security-Enhanced Linux) is a Linux security architecture that gives administrators more power about who can access the device. To get an overview and learn about its features and more there are various Linux server administration training institutes in Kochi or so. Reach out to the best solutions. Always try to learn with understanding. With best Linux server administration courses in Kochi readily available to provide services, anything is possible. All that is needed is just to connect with a dependable solution.