SELinux

E37338

Linux security module mandatory access control system

SELinux (Security-Enhanced Linux) is a Linux kernel security module that provides a flexible, fine-grained mandatory access control (MAC) framework to enforce strict security policies on systems.

Jump to: Surface forms Statements Referenced by

Observed surface forms (3)

Surface form	Occurrences
Linux kernel security subsystem	1
SELinux for mandatory access control	1
Security-Enhanced Linux	1

Statements (54)

Predicate	Object
instanceOf	Linux security module ⓘ mandatory access control system ⓘ
abbreviation	SELinux self-link ⓘ
basedOn	FLASK security architecture ⓘ
category	Linux security ⓘ computer security software ⓘ
configurationFile	/etc/selinux/config ⓘ
defaultModeOnSomeDistros	enforcing ⓘ
developedBy	National Security Agency ⓘ surface form: NSA Red Hat ⓘ National Security Agency ⓘ surface form: United States National Security Agency open source community ⓘ
documentationWebsite	https://selinuxproject.org/ ⓘ
enforces	security policies ⓘ
fullName	SELinux self-linksurface differs ⓘ surface form: Security-Enhanced Linux
goal	enforce least privilege ⓘ limit damage from compromised services ⓘ
hasMode	disabled ⓘ enforcing ⓘ permissive ⓘ
implements	mandatory access control ⓘ
introducedIntoLinuxKernel	version 2.6 ⓘ
isFreeSoftware	true ⓘ
isOpenSource	true ⓘ
license	GNU General Public License ⓘ
originCountry	United States of America ⓘ surface form: United States
partOf	SELinux self-linksurface differs ⓘ surface form: Linux kernel security subsystem
policyLanguage	SELinux policy language ⓘ
policyPackageExtension	.pp ⓘ
policySourceExtension	.te ⓘ
provides	kernel-level access control ⓘ label-based security ⓘ
runsOn	Linux ⓘ
securityModel	MAC ⓘ
supports	fine-grained access control ⓘ multi-category security ⓘ multi-level security ⓘ role-based access control ⓘ type enforcement ⓘ
usedIn	CentOS ⓘ Debian ⓘ Fedora Linux ⓘ surface form: Fedora Oracle Linux ⓘ Red Hat Enterprise Linux ⓘ Ubuntu (optional component) ⓘ
uses	labels on files and processes ⓘ policy rules ⓘ security contexts ⓘ
usesTool	audit2allow ⓘ chcon ⓘ getenforce ⓘ restorecon ⓘ semanage ⓘ setenforce ⓘ

Referenced by (7)

Full triples — surface form annotated when it differs from this entity's canonical label.

SELinux → abbreviation → SELinux self-link ⓘ

AppArmor → comparedTo → SELinux ⓘ

SELinux → fullName → SELinux self-linksurface differs ⓘ

this entity surface form: Security-Enhanced Linux

SELinux → partOf → SELinux self-linksurface differs ⓘ

this entity surface form: Linux kernel security subsystem

Red Hat Enterprise Linux → supports → SELinux ⓘ

Linux → supportsSecurityFeature → SELinux ⓘ

Fedora Linux → uses → SELinux ⓘ

this entity surface form: SELinux for mandatory access control