Ralph Angenendt wrote: > Ned Slider wrote: >> Hi list, >> >> I've knocked up a contribution on SELinux here: >> >> http://wiki.centos.org/HowTos/SELinux >> >> I've tried to pitch it as an introduction for those not already familiar >> with SELinux but also hopefully a useful reference. > > Great article. > > What maybe should be added to the article is the fact, that SELinux > doesn't need programs to be changed, meaning that programs do not (need > to) know about SELinux at all for it to work. So a SELinux denial just > looks like a normal "access denied" to any program. > > Cheers, > > Ralph > Thanks Ralph. Added the following sentence: Because SELinux is implemented within the kernel, individual applications do not need to be especially written or modified to work with SELinux. If SELinux blocks an action, this appears as just a normal "access denied" type error to the application.