The “SE” in SELinux stands for Security-Enhanced. Linux is basically an operating system like Windows, Android, and iOS. However, rather than being developed by a single company, Linux has always been an open-source project. The source code of the Linux kernel – the “core” of Linux – is freely available to developers both for non-profit and commercial projects. Based on the Linux kernel, several Linux-based operating systems have been created. These are referred to as “distributions” and some of the most well-known are Ubuntu, Debian, and Fedora.

What does “Security-Enhanced” actually mean?

The code of the Linux kernel is constantly being developed by companies, volunteers, and non-profit organizations. Security-Enhanced Linux is an extension of the Linux kernel and is available as a standalone security module. It was officially integrated in the Linux kernel in 2003. Some Linux distributions offer SELinux as standard, but you can easily disable the module if you don’t need it. SELinux gives administrators greater control over the processes running on their system. Any processes that are not considered essential are blocked. This greatly reduces the risks associated with security vulnerabilities in user programs.

Even if you trust a program, it can still be a good idea to restrict access rights, because if the program were to be hijacked by a third party this could have very serious consequences indeed. If programs infected by malware have access to all of the data and processes on a system, they can do a lot of damage. By restricting access, SELinux limits the potential for damage.

Strict control of operating system access

The special SELinux security architecture is based on the principle of Mandatory Access Control (MAC). Unlike the standard Linux kernel, SELinux only allows access to operating system processes and files if this is absolutely essential. The aim is to ensure data confidentiality and integrity by implementing a strict access control strategy and corresponding security policies. With SELinux, the operating system and the user programs are clearly separated from one another.

How does SELinux limit access rights?

The standard Linux setup uses Discretionary Access Control (DAC). With this type of mechanism, if users and applications have the necessary privileges, they generally have unlimited access to operating system data and processes. When Mandatory Access Control is implemented, as in SELinux, an administrator uses precisely defined security policies to define additional attributes that determine the conditions and contexts in which a user may access certain operating system processes or files. If the conditions or contexts (i.e. attributes) have not been approved, access is denied.

For the purposes of control in SELinux, the administrator assigns the following labels:

  • User
  • Role
  • Type
  • Level

These labels can be assigned for every process and file and then integrated in the defined security policies. For example, an application might only be granted access to folders that have a specific label. The process of checking the security policies is referred to as SELinux enforcement.
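The four labels are written together as one context string, `user:role:type:level`. The following added example (not part of the original article, and a simplified model rather than the kernel's own logic) parses such contexts and applies a default-deny check on the Type label; the contexts and the two allow rules are constructed samples.

```python
from typing import NamedTuple

class Context(NamedTuple):
    user: str
    role: str
    type: str
    level: str

def parse_context(label: str) -> Context:
    # The level can contain ':' itself (e.g. "s0-s0:c0.c1023"),
    # so split on the first three colons only.
    parts = label.split(":", 3)
    if len(parts) != 4 or not all(parts):
        raise ValueError(f"not a full SELinux context: {label!r}")
    return Context(*parts)

# Constructed sample policy, keyed by (process type, object type, class).
# Each entry has the shape of a policy rule such as:
#   allow httpd_t httpd_sys_content_t:file { read getattr open };
ALLOW_RULES = {
    ("httpd_t", "httpd_sys_content_t", "file"): {"read", "getattr", "open"},
    ("httpd_t", "httpd_sys_content_t", "dir"): {"search", "getattr"},
}

def is_allowed(process_label: str, object_label: str, tclass: str, perm: str) -> bool:
    # Default deny: anything without a matching rule is refused.
    # Simplification: only the Type label is evaluated here.
    source = parse_context(process_label).type
    target = parse_context(object_label).type
    return perm in ALLOW_RULES.get((source, target, tclass), set())

if __name__ == "__main__":
    web_server = "system_u:system_r:httpd_t:s0"
    site_file = "system_u:object_r:httpd_sys_content_t:s0"
    home_file = "unconfined_u:object_r:user_home_t:s0-s0:c0.c1023"
    print(parse_context(home_file))
    for obj, perm in [(site_file, "read"), (site_file, "write"), (home_file, "read")]:
        verdict = "allowed" if is_allowed(web_server, obj, "file", perm) else "denied"
        print(f"httpd_t {perm} {parse_context(obj).type}: {verdict}")
```
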

The advantages and disadvantages of SELinux

SELinux hinders or prevents the abuse of user rights that can occur when user programs have security flaws. The operating system is, therefore, well-protected. Linux distributors offer the SELinux module with various policy packages and corresponding security policies, which simplifies configuration of the security layer. Authorized administrators can also define the security policies themselves.

Although SELinux gives administrators far more control over processes and systems, it does not really help them to resolve problems. Whenever SELinux blocks access, it issues an error message, but these messages are often very vague, which makes troubleshooting rather difficult. SELinux is also a relatively complex module. Many administrators feel that dealing with the security policies and defining attributes is too complicated or requires too much effort. Moreover, implementing SELinux can have a slightly negative effect on the performance of the operating system.
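Denials are recorded as AVC records in the audit log, and most of the troubleshooting effort goes into reading them. The following added example (not part of the original article) parses such a record and restates it as one sentence naming the process, the object and both Type labels; the sample log lines are constructed.

```python
import re

AVC_RE = re.compile(r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return the fields of an AVC denial record, or None for other lines."""
    match = AVC_RE.search(line)
    if match is None:
        return None
    fields = {key: value.strip('"') for key, value in FIELD_RE.findall(match.group("rest"))}
    fields["perms"] = match.group("perms").split()
    return fields

def explain(line):
    """Turn one AVC denial into a sentence naming who, what and which labels."""
    avc = parse_avc(line)
    if avc is None:
        return None
    source_type = avc["scontext"].split(":")[2]
    target_type = avc["tcontext"].split(":")[2]
    target = avc.get("path") or avc.get("name") or "(unnamed object)"
    # permissive=1 means the access went through and was only logged.
    outcome = "logged but not blocked" if avc.get("permissive") == "1" else "blocked"
    perms = ", ".join(avc["perms"])
    return (f"{avc.get('comm', '?')} (pid {avc.get('pid', '?')}, type {source_type}) "
            f"was {outcome}: {perms} on {avc['tclass']} {target} labelled {target_type}")

# Constructed sample records in audit-log format.
SAMPLE_LOG = [
    'type=AVC msg=audit(1700000000.123:456): avc:  denied  { read } for  pid=1234 '
    'comm="httpd" name="index.html" dev="dm-0" ino=12345 '
    'scontext=system_u:system_r:httpd_t:s0 '
    'tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0',
    'type=SYSCALL msg=audit(1700000000.123:456): arch=c000003e syscall=257 success=no',
]

if __name__ == "__main__":
    for record in SAMPLE_LOG:
        print(explain(record) or "(not an AVC denial)")
```
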

Conclusion

SELinux is a very powerful security tool, but if you want to use it you need to be prepared to put in some extra work. The software will only be effective if you take the time to configure everything correctly – if you only partially set it up, you won’t reap the advantages. Nonetheless, in professional environments where sensitive data is handled, using SELinux is highly recommended.

How did SELinux come about?

SELinux was developed mainly by the United States National Security Agency (NSA) and Linux distributor Red Hat. The first operating systems to fully support SELinux were Red Hat Enterprise Linux 4 and the Fedora distribution sponsored by Red Hat. In addition to Red Hat and Fedora, Gentoo Hardened Linux also offers relatively comprehensive support for SELinux. Those looking for an alternative to SELinux could try the AppArmor security module which is primarily supported by distributions such as openSUSE and Debian-based platforms.
