First, the Unix permissions are checked. If they allow the operation, SEL checks it and either permits it or denies...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
it based on the predefined roles that you have configured.
Let's go back to the purpose of SEL. It adds mandatory access controls (MAC) to Linux. It is designed for preventing bad programs from tampering with your data and comprising other security controls you might have on your system. These bad programs include both malicious applications and badly written code.
At the same time, SEL helps minimize the damage that can be done as the result of an intrusion. The trusted operating systems (referred to in Is SEL trustworthy?)(particularly ones that are labeled C2) certainly have a form of access controls, but were not really mainstream (not mandatory, accept for B1 and higher) and also offered a limited Mandatory Access Control (MAC) model.
SEL provides a very flexible and configurable MAC to Linux. It can help you enforce critical processing on your data and also to enforce various legal restrictions, including disclosure of sensitive data. If you are a part of an organization that is concerned about securing your data, it is incumbent upon you to determine how deploying SEL can help secure your environment. If you are mandated by government and/or other regulalatory agencies to secure your data, the importance of implementing SEL becomes that much greater.
Dig Deeper on Linux servers
Related Q&A from Kenneth Milberg
Need a PaaS platform with strong production support? Explore production support and SLAs of AWS Elastic Beanstalk, IBM Bluemix, Google App Engine and...continue reading
When you move to PaaS for your web-based apps, remember to think about database services. Consider the benefits of moving your database to a fully ...continue reading
Making sure that your PaaS offering and the web development framework of your choice agree can be tricky. Learn how to choose the best framework for ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.