First, the Unix permissions are checked. If they allow the operation, SEL checks it and either permits it or denies...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
it based on the predefined roles that you have configured.
Let's go back to the purpose of SEL. It adds mandatory access controls (MAC) to Linux. It is designed for preventing bad programs from tampering with your data and comprising other security controls you might have on your system. These bad programs include both malicious applications and badly written code.
At the same time, SEL helps minimize the damage that can be done as the result of an intrusion. The trusted operating systems (referred to in Is SEL trustworthy?)(particularly ones that are labeled C2) certainly have a form of access controls, but were not really mainstream (not mandatory, accept for B1 and higher) and also offered a limited Mandatory Access Control (MAC) model.
SEL provides a very flexible and configurable MAC to Linux. It can help you enforce critical processing on your data and also to enforce various legal restrictions, including disclosure of sensitive data. If you are a part of an organization that is concerned about securing your data, it is incumbent upon you to determine how deploying SEL can help secure your environment. If you are mandated by government and/or other regulalatory agencies to secure your data, the importance of implementing SEL becomes that much greater.
Dig Deeper on Linux servers
Related Q&A from Kenneth Milberg
Learn which makes more sense for your enterprise: building your own cloud-based diagnostic tooling or purchasing an existing product. Expert Ken ...continue reading
Learn about Helm Charts and how Kubernetes supports a microservices architecture. Expert Ken Milberg discusses what you need to know before delving ...continue reading
Learn about what blockchain is, and then begin to understand how best to choose a tool that can automate blockchain services. Expert Ken Milberg ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.