Summary

While SELinux is still in early stages of development, it is an important technology for allowing Linux to operate in highly secure environments. Two SELinux policy sets are delivered with Fedora Core 3. The default policy set, targeted, enforces a set of policies related to particular services, such as Apache, BIND, Hotplug, NIS, and other common services. The strict policy set contains a more complete policy set which is still somewhat experimental in nature and will need extra tweaking to work in your particular environment. SELinux provides both command-line and graphical tools for checking SELinux and working with SELinux policies.