[CentOS-docs] SELinux

Ned Slider ned at unixmail.co.uk
Tue Aug 12 14:06:36 UTC 2008


Ralph Angenendt wrote:
> Ned Slider wrote:
>> Hi list,
>>
>> I've knocked up a contribution on SELinux here:
>>
>> http://wiki.centos.org/HowTos/SELinux
>>
>> I've tried to pitch it as an introduction for those not already familiar  
>> with SELinux but also hopefully a useful reference.
> 
> Great article. 
> 
> What maybe should be added to the article is the fact, that SELinux
> doesn't need programs to be changed, meaning that programs do not (need
> to) know about SELinux at all for it to work. So a SELinux denial just
> looks like a normal "access denied" to any program.
> 
> Cheers,
> 
> Ralph
> 

Thanks Ralph.

Added the following sentence:

Because SELinux is implemented within the kernel, individual 
applications do not need to be especially written or modified to work 
with SELinux. If SELinux blocks an action, this appears as just a normal 
"access denied" type error to the application.


More information about the CentOS-docs mailing list