Security-Enhanced Linux is a kernel-level security module that enables you to create, modify and implement access control policies across your Linux servers. These access policies act as an agent to protect the servers.
SELinux gives you the ability to manage controls of applications, users, directories and services throughout your Linux server. SELinux acts like an application firewall because it specifies the ability to create "firewall" rules at the application and service level.
For cybersecurity measures, admins cannot always anticipate an attacker's moves. SELinux helps with protecting against certain exploited weaknesses within an environment. For example, if there is an exploit with Apache, you can use the SELinux policy module for Apache and address the vulnerability.
Red Hat originally developed SELinux in 2000. The goal of SELinux was to provide access control right out of the box without the need to configure specifics or bring in a third-party tool. After SELinux's distribution and development, it quickly became an effective way to maintain secure and compliant data centers.
SELinux is available out of the box on Red Hat Enterprise Linux, CentOS, Ubuntu, Debian and Fedora distributions. For Ubuntu- and Debian-based systems, you must start the installation process through Aptitude package manager.
This video tutorial provides hands-on approach to SELinux. We look at what SELinux is and why it's an important way to secure your infrastructure and mitigate vulnerabilities on your Linux servers.
The SELinux tutorial then covers the different global modes of SELinux, what the modes are, how the modes differ from each other and how to set the modes depending on how you need SELinux to interact with your infrastructure.
Finally, we cover the different statuses within SELinux, how to check the SELinux logs and the available SELinux modules.