Home arrow BrainDump arrow Page 4 - Demystifying SELinux on Kernel 2.6

Final Thoughts - BrainDump

If you're looking for a way to control or restrict access to your Linux-based applications, you might want to look at SELinux. This extension has been around since Linux kernel 2.6 and can help you with your access issues.

  1. Demystifying SELinux on Kernel 2.6
  2. Basics of SELinux
  3. More About SELinux
  4. Final Thoughts
By: Barzan "Tony" Antal
Rating: starstarstarstarstar / 2
October 29, 2009

print this article



This article merely demystified what SELinux is. Gaining expertise with it requires research and time. More than this is beyond the scope of this overview. By now you should have understood what it does and how it came to life. Should you want further information, you will know what to search for and where.

Lots of people don't know what SELinux is despite the fact that they might be familiar with using functions and features which would not be possible without this extension. Others might have heard of SELinux, but they only know it's some U.S. DoD specific project that is "oh so" secretly kept. The presence of SELinux ever since kernel 2.6 is one of those topics that needs a bit of light shed on it.

SELinux is a proven solution for restricting applications, but it would be silly to think it's the only approach that was designed and implemented. Another solid alternative could be AppArmor. It takes a slightly easier approach than SELinux because it works with file paths rather than labels (it is not based on inode numbers). Originally maintained by Novell, it has been taken over by openSuse devs, and is now licensed on GNU GPL.

In a future article we are going to overview AppArmor and compare it with the characteristics of SELinux presented in this article. Both security solutions are rather fantastic; they've been proven to be reliable over the years, so it's especially important to be familiar with both. In that way we'll be qualified to take an educated guess for when to use which, and be able to handle both of them seamlessly. 

In closing, I'd like to invite you to join our community of technology professionals experienced in all areas of IT&C starting from software and hardware up to consumer electronics at Dev Hardware Forums. Also, be sure to check out the community of our sister site at Dev Shed Forums. We are friendly and we'll do our best to help you.

>>> More BrainDump Articles          >>> More By Barzan "Tony" Antal

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Apple Founder Steve Jobs Dies
- Steve Jobs` Era at Apple Ends
- Google's Chrome Developer Tool Updated
- Google's Chrome 6 Browser Brings Speed to th...
- New Open Source Update Fedora 13 is Released...
- Install Linux with Knoppix
- iPad Developers Flock To SDK 3.2
- Managing a Linux Wireless Access Point
- Maintaining a Linux Wireless Access Point
- Securing a Linux Wireless Access Point
- Configuring a Linux Wireless Access Point
- Building a Linux Wireless Access Point
- Migrating Oracle to PostgreSQL with Enterpri...
- Demystifying SELinux on Kernel 2.6
- Yahoo and Microsoft Create Ad Partnership

Developer Shed Affiliates


Dev Shed Tutorial Topics: