SELinux
Definition
Security-Enhanced Linux (SELinux) is a security architecture integrated into the Linux kernel that provides a mechanism for supporting access control security policies. It uses a set of rules to enforce mandatory access controls (MAC) that restrict users and processes to only the resources they need to perform their tasks, thereby minimizing potential damage from vulnerabilities or misconfigurations.
Secure Settings Example
# Enable SELinux in enforcing mode
setenforce 1
# Ensure SELinux is set to enforcing mode in the configuration file
sed -i 's/^SELINUX=.*/SELINUX=enforcing/' /etc/selinux/config
# Example of setting a context for a web server directory
semanage fcontext -a -t httpd_sys_content_t "/var/www/html(/.*)?"
restorecon -Rv /var/www/html
Insecure Settings Example
# Disabling SELinux by setting it to permissive mode
setenforce 0
# Configuring SELinux to be disabled in the configuration file
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config