The “SE” in SELinux stands for Security-Enhanced. Linux is basically an operating system like Windows, Android, and iOS. However, rather than being developed by a single company, Linux has always been an open-source project. The source code of the Linux kernel – the “core” of Linux – is freely available to developers both for non-profit and commercial projects. Based on the Linux kernel, several Linux-based operating systems have been created. These are referred to as “distributions” and some of the most well-known are Ubuntu, Debian, and Fedora.

What does “Security-Enhanced” actually mean?

The code of the Linux kernel is constantly being developed by companies, volunteers, and non-profit organisations. Security-Enhanced Linux is an extension of the Linux kernel and is available as a standalone security module. It was officially integrated in the Linux kernel in 2003. Some Linux distributions offer SELinux as standard, but you can easily disable the module if you don’t need it. SELinux gives administrators greater control over the processes running on their system. Any processes that are not considered essential are blocked. This greatly reduces the risks associated with security vulnerabilities in user programs.

Even if you trust a program, it can still be a good idea to restrict access rights, because if the program were to be hijacked by a third party this could have very serious consequences indeed. If programs infected by malware have access to all of the data and processes on a system, they can do a lot of damage. By restricting access, SELinux limits the potential for damage.

Strict control of operating system access

The special SELinux security architecture is based on the principle of Mandatory Access Control (MAC). Unlike the standard Linux kernel, SELinux only allows access to operating system processes and files if this is absolutely essential. The aim is to ensure data confidentiality and integrity by implementing a strict access control strategy and corresponding security policies. With SELinux, the operating system and the user programs are clearly separated from one another.

How does SELinux limit access rights?

The standard Linux setup uses Discretionary Access Control (DAC). With this type of mechanism, if users and applications have the necessary privileges, they generally have unlimited access to operating system data and processes. When Mandatory Access Control is implemented, as in SELinux, an administrator uses precisely defined security policies to define additional attributes that determine the conditions and contexts in which a user may access certain operating system processes or files. If the conditions or contexts (i.e. attributes) have not been approved, access is denied.

For the purposes of control in SELinux, the administrator assigns the following labels:

  • User
  • Role
  • Type
  • Level

These labels can be assigned for every process and file and then integrated in the defined security policies. For example, an application might only be granted access to folders that have a specific label. The process of checking the security policies is referred to as SELinux enforcement.
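The following added example (not part of the original article, and not SELinux's own code) models how the four labels and a default-deny policy combine with the ordinary DAC check. The rule set, the sample labels and the function names are constructed for illustration; the DAC check is reduced to the "other" permission bits.

```python
from typing import NamedTuple

class Context(NamedTuple):
    user: str
    role: str
    type: str
    level: str

def parse_context(label: str) -> Context:
    """Split 'user:role:type:level'; the level may itself contain ':' (e.g. s0:c1,c2)."""
    parts = label.split(":", 3)
    if len(parts) != 4 or not all(parts):
        raise ValueError(f"not a four-field context: {label!r}")
    return Context(*parts)

# Constructed rules in the spirit of "allow source_type target_type:class { perms }".
ALLOW = {
    ("httpd_t", "httpd_sys_content_t", "file"): {"read"},
    ("httpd_t", "httpd_log_t", "file"): {"append"},
}

def dac_allows(mode: int, perm: str) -> bool:
    """Simplified DAC: look only at the 'other' read/write bits of the file mode."""
    bit = {"read": 0o4, "write": 0o2, "append": 0o2}.get(perm, 0)
    return bool(mode & bit)

def mac_allows(source: Context, target: Context, tclass: str, perm: str) -> bool:
    """Default deny: access passes only if a rule names this exact combination."""
    return perm in ALLOW.get((source.type, target.type, tclass), set())

def access(proc_label: str, file_label: str, mode: int, perm: str, tclass: str = "file") -> str:
    """MAC is checked in addition to DAC, so both must agree before access is granted."""
    src, tgt = parse_context(proc_label), parse_context(file_label)
    if not dac_allows(mode, perm):
        return "denied by DAC"
    if not mac_allows(src, tgt, tclass, perm):
        return "denied by MAC"
    return "allowed"

if __name__ == "__main__":
    web = "system_u:system_r:httpd_t:s0"
    print(access(web, "system_u:object_r:httpd_sys_content_t:s0", 0o644, "read"))
    print(access(web, "unconfined_u:object_r:user_home_t:s0", 0o644, "read"))
```

The second call shows the point of the labels: the file is world-readable under DAC, yet the web server process is refused because no rule covers its type and the file's type.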

The advantages and disadvantages of SELinux

SELinux hinders or prevents the abuse of user rights that can occur when user programs have security flaws. The operating system is, therefore, well-protected. Linux distributors offer the SELinux module with various different policy packages and corresponding security policies, which simplifies configuration of the security layer. Authorised administrators can also define the security policies themselves.

Although SELinux gives administrators far more control over processes and systems, it does not really help them to resolve problems. Whenever SELinux blocks access, it issues an error message, but these messages are often very vague, which makes troubleshooting rather difficult. SELinux is also a relatively complex module. Many administrators feel that dealing with the security policies and defining attributes is too complicated or requires too much effort. Moreover, implementing SELinux can have a slightly negative effect on the performance of the operating system.
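As an added troubleshooting aid (an example written for this page, not a tool shipped with SELinux), the snippet below turns one denial record from the audit log into a readable sentence. The sample line is constructed in the AVC record format; the function names are illustrative.

```python
import re

# Constructed sample of an AVC denial record as it appears in the audit log.
SAMPLE = (
    'type=AVC msg=audit(1700000000.123:456): avc:  denied  { read open } for  '
    'pid=2317 comm="httpd" path="/home/alice/site/index.html" dev="dm-0" ino=393230 '
    'scontext=system_u:system_r:httpd_t:s0 '
    'tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0'
)

AVC_RE = re.compile(r'avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<rest>.*)')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return the key=value fields of a denial record, or None if the line is not one."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    fields = {key: value.strip('"') for key, value in KV_RE.findall(m.group("rest"))}
    fields["perms"] = m.group("perms").split()
    return fields

def explain(line):
    """Summarise who was refused what, using the type field of both contexts."""
    f = parse_avc(line)
    if f is None:
        return None
    source_type = f["scontext"].split(":", 3)[2]   # domain of the process
    target_type = f["tcontext"].split(":", 3)[2]   # label of the object
    target = f.get("path") or f.get("name") or "<unknown object>"
    # permissive=1 means the denial was only logged, not enforced.
    verb = "blocked from" if f.get("permissive", "0") == "0" else "logged but not blocked for"
    return (f"{f['comm']} (pid {f['pid']}, domain {source_type}) was {verb} "
            f"{', '.join(f['perms'])} on {f['tclass']} {target} labelled {target_type}")

if __name__ == "__main__":
    print(explain(SAMPLE))
```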

Conclusion

SELinux is a very powerful security tool, but if you want to use it you need to be prepared to put in some extra work. The software will only be effective if you take the time to configure everything correctly – if you only partially set it up, you won’t reap the advantages. Nonetheless, in professional environments where sensitive data is handled, using SELinux is highly recommended.

How did SELinux come about?

SELinux was developed mainly by the United States National Security Agency (NSA) and Linux distributor Red Hat. The first operating systems to fully support SELinux were Red Hat Enterprise Linux 4 and the Fedora distribution sponsored by Red Hat. In addition to Red Hat and Fedora, Gentoo Hardened Linux also offers relatively comprehensive support for SELinux. Those looking for an alternative to SELinux could try the AppArmor security module, which is primarily supported by distributions such as openSUSE and Debian-based platforms.
