I could not get much of an idea of where SELinux is used and what it saves us from when facing an attacker.
I have gone through the SELinux web site and read the basics, but I am still not getting a clue about SELinux. For a Linux system which provides an SSH shell, Apache front end, role-based web application, MySQL DB, and memcached, almost all the systems are password protected, so why do we need SELinux?
Linux – Why do we need SELinux
Best Answer
You may view SELinux as a system-call firewall: A policy for each application specifies what's reasonable for the application to do: The name server may listen on port 53, work with some zone files in a particular directory, send out syslog, ..., but it makes no sense for it to try to work with files in /home, for example. SELinux' enforcement of such a policy means that it will be much harder for a weakness in the name server to spread to other parts of the system.
I find that SELinux provides real security value. But while it has certainly become easier to work with over the years, it is - unfortunately - still a rather complex system. The good thing is that you may easily turn it off for some services, without having to turn it off for the whole system. Too many (junior?) sysadmins turn off SELinux across the board as soon as they run into the slightest problem with one service - instead of selectively turning it off for the service causing trouble.
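The following is an added example, not part of the original answer: it parses AVC denial lines in the audit-log format, groups what the policy blocked by source domain (for instance the name server touching files under /home), and emits the per-domain `semanage permissive -a` command, the selective alternative to disabling SELinux system-wide. The log lines, PIDs, paths and helper names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in the audit.log AVC format (not from a real host).
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1700000000.101:310): avc:  denied  { read } for  pid=2101 comm="named" name="notes.txt" dev="sda1" ino=5001 scontext=system_u:system_r:named_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0
type=AVC msg=audit(1700000000.202:311): avc:  denied  { getattr } for  pid=2101 comm="named" path="/home/alice" dev="sda1" ino=5000 scontext=system_u:system_r:named_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1700000001.303:312): avc:  denied  { name_bind } for  pid=2200 comm="httpd" src=8081 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=SYSCALL msg=audit(1700000001.303:312): arch=c000003e syscall=49 success=no exit=-13
"""

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?"
    r"scontext=(?P<scontext>\S+)\s+tcontext=(?P<tcontext>\S+)\s+tclass=(?P<tclass>\S+)"
)

def selinux_type(context):
    """Return the type field (third) of a user:role:type:level context."""
    return context.split(":")[2]

def summarize_denials(log_text):
    """Map source domain -> set of (permission, target type, object class)."""
    denials = defaultdict(set)
    for line in log_text.splitlines():
        if not line.startswith("type=AVC"):
            continue  # skip SYSCALL and other record types
        m = AVC_RE.search(line)
        if not m:
            continue
        domain = selinux_type(m.group("scontext"))
        target = selinux_type(m.group("tcontext"))
        for perm in m.group("perms").split():
            denials[domain].add((perm, target, m.group("tclass")))
    return dict(denials)

def permissive_commands(denials):
    """One per-domain command instead of a system-wide `setenforce 0`."""
    return [f"semanage permissive -a {d}" for d in sorted(denials)]

if __name__ == "__main__":
    summary = summarize_denials(SAMPLE_AUDIT_LOG)
    for domain, items in sorted(summary.items()):
        for perm, target, tclass in sorted(items):
            print(f"{domain}: denied {perm} on {target} ({tclass})")
    print("\n".join(permissive_commands(summary)))
```

A denial such as `named_t` reading `user_home_t` is the policy doing its job, so the summary is meant to be reviewed before any domain is made permissive.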