Linux – SELinux in the Real World

Tags: linux, security, selinux

Through my (short) job experience to date, I have gained quite a bit of knowledge of how SELinux works, from an implementation point of view and how to administer it.

I personally have several qualms with SELinux, such as it seems to be overly complicated in many regards to the point that security seems to be very hard to reason about. So, I'd like to know how warm the industry is to SELinux.

Do you employ SELinux on one of your production servers? If so, what kind of success do you have? Without seriously divulging details, do you work for an organization that is involved with Government (DoD/DoJ, defence contractor, etc.)? Are there non-government companies that find this useful?

Best Answer

SELinux does a good job at exposing the sheer complexity of an entire Linux system. Modern Fedora and RHEL systems get a lot of [SELinux] attention and for the most part you won't know SELinux is "running" (it is not a daemon; it is mostly hooks in the kernel coupled with a security policy for decision making).

An interesting (sometimes frustrating) aspect of security is the question "what's it doing?" or "is it working?". Well, if it is working you might not ever know. If you are running a web server and it has just been staying up, then you might not know a couple of exploits were even tried against your system.

As for Government, there are public sources (listings of government projects and the like) that seem to point to MAC (Mandatory Access Control, i.e. SELinux) being used, and possibly quite heavily. Government systems, depending on deployment and what information a system holds, have to meet certain criteria before being used.

As for private companies, I don't know. If they need the integrity that SELinux brings to the table, then they should.

In the end, security is really risk management and choosing the right level of effort. Also, security is an ongoing effort, not something you merely turn "on".