Security Enhanced Linux (SELinux) is a security model that offers the potential to compartmentalize and secure every component of a Linux system (processes, files, directories, users, devices, and so on). Instead of the all-or-nothing, either-you-have-root-privilege-or-you-don't approach to security in traditional Linux and UNIX systems, SELinux allows much finer granularity in how permissions to run and alter components on the computer are handed out. With SELinux, you can severely limit the damage caused by a person who cracks one part of a Linux system.
Definitions for permissions in SELinux are configured in what are called policies. In Fedora Core 3, you first have the opportunity to enable or disable SELinux. If enabled, you can use (and modify if you like) either of two policy sets:
targeted — Assigned policies in the “targeted” set focus on services with vulnerable daemon processes, as well as the resources the services can access. These policies limit the impact that an attack on the following services can have on your server as a whole: Apache (Web server), BIND (Domain name system server), Hotplug (removable media), NTPD (time synchronization), and others. The targeted set of policies is practical today and provides further boundaries around what are already quite secure features. In most cases, you can use this policy set without modification.
strict — The policies in the “strict” set are far more thorough and complex than those in the targeted set. This policy set lets you test out and modify a full-blown SELinux system. If you are interested in learning about SELinux or modifying a policy set to suit an exact set of applications, the strict policy set is the one to start with.
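As an added example (not code from the book), the following POSIX shell script reads the two settings this section describes, whether SELinux is enabled and which policy set is selected, from a configuration file in the format of /etc/selinux/config. It assumes Fedora Core 3 uses the same SELINUX= and SELINUXTYPE= keys as later Fedora releases; the config contents are constructed here so the script runs offline rather than touching the real system file.

```shell
#!/bin/sh
# Added example, not from the book. Parses a SELinux configuration file of the
# kind found at /etc/selinux/config (assumption: Fedora Core 3 uses the same
# SELINUX= and SELINUXTYPE= keys as later releases) and reports what it means.

# Constructed sample config, written to a temporary file so the example runs
# offline. Point the functions at /etc/selinux/config on a real system.
SAMPLE_CFG="$(mktemp)"
cat > "$SAMPLE_CFG" <<'EOF'
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted
EOF

# selinux_key FILE KEY -> prints the value of KEY=value, skipping comment lines,
# tolerating spaces around '=', and taking the last definition if repeated.
selinux_key() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*/\1/p" "$1" | tail -n 1
}

# selinux_is_enforcing FILE -> exit 0 only when the policy will actually be
# enforced (permissive logs denials without blocking; disabled loads nothing).
selinux_is_enforcing() {
    [ "$(selinux_key "$1" SELINUX)" = enforcing ]
}

# selinux_assess FILE -> one line: mode/type and what that combination means.
selinux_assess() {
    mode="$(selinux_key "$1" SELINUX)"
    type="$(selinux_key "$1" SELINUXTYPE)"
    case "$mode" in
        enforcing)  verdict="policy is enforced" ;;
        permissive) verdict="denials are logged but not blocked" ;;
        disabled)   verdict="no policy loaded, standard Linux permissions only" ;;
        *)          verdict="SELINUX key missing or unrecognized" ;;
    esac
    case "$type" in
        targeted) scope="targeted set confines the listed daemons only" ;;
        strict)   scope="strict set confines the whole system" ;;
        *)        scope="SELINUXTYPE key missing or unrecognized" ;;
    esac
    printf '%s/%s: %s; %s\n' "${mode:-unset}" "${type:-unset}" "$verdict" "$scope"
}

# Report on the constructed sample (the temp file is kept for further checks).
selinux_assess "$SAMPLE_CFG"
```

Run it against /etc/selinux/config to confirm that a machine you believe is protected is really in enforcing mode; a box left in permissive mode after troubleshooting looks identical from the policy files alone.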
This chapter sets out to give you an understanding of what SELinux is. It describes how to turn on SELinux in Fedora Core 3. Then it provides an overview of how Fedora's targeted policy is set up for you and describes how you can modify the targeted or strict SELinux policies to personalize your SELinux policy settings.