SELinux FAQ

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
m (1 revision(s))
Line 1: Line 1:
 
= Frequently Asked Questions =
 
= Frequently Asked Questions =
 +
 +
== What is SELinux? ==
 +
 +
SELinux is a security feature in the Linux kernel that provides fine grained access control than traditional file permissions. A centralized policy determines which software can access what resources. For example, network services can be confined to a particular port, Apache web service is restricted to be able to connect to only 80 by default.
 +
 +
== Is it a firewall? ==
 +
 +
Though often confused with one, SELinux is not a firewall. A firewall controls the flow of traffic to and from a computer to the network. SELinux can confine access of programs within a computer and hence can be conceptually thought of a internal firewall between programs.
 +
 +
== Is it useful on a desktop? ==
 +
 +
Yes. SELinux policies in Fedora were initially focused on network facing services. However several dozens of desktop software including Firefox, HAL, D-Bus etc are protected by default in current releases of Fedora.
 +
 +
 +
 
== Previous FAQs ==
 
== Previous FAQs ==
 
* [http://docs.fedoraproject.org/selinux-faq-fc5 Fedora Core 5 FAQ ]  
 
* [http://docs.fedoraproject.org/selinux-faq-fc5 Fedora Core 5 FAQ ]  

Revision as of 03:17, 2 July 2008

Contents

Frequently Asked Questions

What is SELinux?

SELinux is a security feature in the Linux kernel that provides fine grained access control than traditional file permissions. A centralized policy determines which software can access what resources. For example, network services can be confined to a particular port, Apache web service is restricted to be able to connect to only 80 by default.

Is it a firewall?

Though often confused with one, SELinux is not a firewall. A firewall controls the flow of traffic to and from a computer to the network. SELinux can confine access of programs within a computer and hence can be conceptually thought of a internal firewall between programs.

Is it useful on a desktop?

Yes. SELinux policies in Fedora were initially focused on network facing services. However several dozens of desktop software including Firefox, HAL, D-Bus etc are protected by default in current releases of Fedora.


Previous FAQs