Now available under an open-source license, SELinux is a Linux kernel module and a set of Linux programs originally developed by the National Security Agency (NSA). SELinux helps protect a computer running Linux from attack by extending the Linux authorization and permissions facilities, so that even if an attacker manages to cause a program to misbehave, the attacker gains only a handful of capabilities. This guide focuses on instructions for performing simple policy customizations of the sort that system administrators occasionally need to perform. Most Linux users already have the knowledge and skills necessary to learn SELinux with this book.
