SELinux

E37338

SELinux (Security-Enhanced Linux) is a Linux kernel security module that provides a flexible, fine-grained mandatory access control (MAC) framework to enforce strict security policies on systems.

All labels observed (5)

How this entity was disambiguated

Statements (54)

Predicate Object
instanceOf Linux security module
mandatory access control system
abbreviation SELinux self-link
basedOn FLASK security architecture
category Linux security
computer security software
configurationFile /etc/selinux/config
defaultModeOnSomeDistros enforcing
developedBy National Security Agency
surface form: NSA

Red Hat
National Security Agency
surface form: United States National Security Agency

open source community
documentationWebsite https://selinuxproject.org/
enforces security policies
fullName SELinux self-linksurface differs
surface form: Security-Enhanced Linux
goal enforce least privilege
limit damage from compromised services
hasMode disabled
enforcing
permissive
implements mandatory access control
introducedIntoLinuxKernel version 2.6
isFreeSoftware true
isOpenSource true
license GNU General Public License
originCountry United States of America
surface form: United States
partOf SELinux self-linksurface differs
surface form: Linux kernel security subsystem
policyLanguage SELinux policy language
policyPackageExtension .pp
policySourceExtension .te
provides kernel-level access control
label-based security
runsOn Linux
securityModel MAC
supports fine-grained access control
multi-category security
multi-level security
role-based access control
type enforcement
usedIn CentOS
Debian
Fedora Linux
surface form: Fedora

Oracle Linux
Red Hat Enterprise Linux
Ubuntu (optional component)
uses labels on files and processes
policy rules
security contexts
usesTool audit2allow
chcon
getenforce
restorecon
semanage
setenforce

How these facts were elicited

Referenced by (20)

Full triples — surface form annotated when it differs from this entity's canonical label.

Fedora Linux uses SELinux
this entity surface form: SELinux for mandatory access control
SELinux fullName SELinux self-linksurface differs
this entity surface form: Security-Enhanced Linux
SELinux abbreviation SELinux self-link
SELinux partOf SELinux self-linksurface differs
this entity surface form: Linux kernel security subsystem
AppArmor comparedTo SELinux
CRI-O supports SELinux
AlmaLinux supports SELinux
FLASK security architecture influenced SELinux
this entity surface form: Security-Enhanced Linux
FLASK security architecture usedIn SELinux
this entity surface form: Security-Enhanced Linux
FLASK security architecture appliedTo SELinux
this entity surface form: Linux kernel via SELinux
LXC usesKernelFeature SELinux
GNU/Linux supports SELinux