SE Linux

SELinux is an operating system based on Linux which includes Mandatory Access Control. In short, with SELinux you can define explicit rules about what subjects ( users, programs ) can access which objects ( files, devices ). You could think of it as an internal firewall, which gives you the ability to separate programs and thereby ensuring a high level of security within the operating system.

It should be noted that the people working on SE Linux tend to avoid the term "Trusted Linux" or anything similar. Trusted distributions are associated with releases that lag way behind the main releases, have compatibility issues with commonly used software, and generally cause problems for users. In Red Hat distributions and in Hardened Gentoo SE Linux works really well, is up to date, and has minimal compatibility issues.There are various projects underway to get EAL certification for SELinux, most notably by RedHat and IBM.

SELinux was originally developed by the NSA with cooperation from various contractors such as MITRE and NAI Labs. It was derived from the Flask security architecture which was a part of the Flux research operating system. After its public release at the end of 2000, it was adopted by the open source community and is currently being worked on by a number of people around the world. The NSA is still involved in the development.

More recently, RedHat and Tresys Technology have major roles in SELinux development.

SELinux is being rapidly adopted by many companies for production systems since RedHat have enabled it by default for Enterprise Linux. It has been a part of Fedora since Fedora Core 2 was released, and is now becoming widely accepted for production systems.