https://drive.google.com/file/d/1rKek3xfDpArLx0ARo7XayHOFtephWCyv/view?usp=sharing

1. What is SELinux?

Core Concept

How SELinux Enhances Security

| Traditional Linux (DAC) | SELinux (MAC) |
| --- | --- |
| Owner decides permissions | System policy decides permissions |
| "Root can do anything" | Even root restricted by policy |
| File permissions only | Context-based (user:role:type:level) |

💡 Key Insight:

SELinux prevents privilege escalation—even if an attacker gains root access, they're confined by policy.


2. SELinux Modes

Three Operational Modes

| Mode | Behavior | Use Case |
| --- | --- | --- |
| Enforcing | Blocks unauthorized access + logs denials | Production systems |
| Permissive | Logs denials but allows access | Troubleshooting |
| Disabled | SELinux completely off | Not recommended |

Check and Change Modes

# Check current mode
getenforce

# Temporarily set to Permissive
sudo setenforce 0

# Temporarily set to Enforcing
sudo setenforce 1

# Permanent configuration: the SELINUX= line in this file sets the mode at boot
cat /etc/selinux/config

⚠️ Critical Note:

Never disable SELinux—use Permissive mode for debugging instead.
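Because `setenforce` changes only the running mode while `/etc/selinux/config` decides the mode at boot, the two can disagree. The script below is an added example (not part of the original notes) that compares them and flags a host left in Permissive or configured to boot without enforcement; the function names `configured_mode` and `audit_mode`, the result labels and the sample config are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the runtime SELinux mode against the boot-time config.

# Print the last uncommented SELINUX= value in a config file, lowercased.
# SELINUXTYPE= and commented-out lines do not match the pattern.
configured_mode() {
    sed -n 's/^[[:space:]]*SELINUX=\([A-Za-z]*\).*$/\1/p' "$1" |
        tail -n 1 | tr '[:upper:]' '[:lower:]'
}

# Classify a pair: $1 = getenforce output, $2 = configured_mode output.
audit_mode() {
    runtime=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    case "$runtime/$2" in
        enforcing/enforcing)  echo "OK" ;;
        # setenforce 0 was run: denials are logged but nothing is blocked
        permissive/enforcing) echo "DRIFT" ;;
        # enforcing now, but the next reboot drops enforcement
        enforcing/permissive|enforcing/disabled) echo "WEAK_AT_BOOT" ;;
        permissive/*|disabled/*) echo "NOT_ENFORCING" ;;
        *) echo "UNKNOWN" ;;
    esac
}

# Constructed sample of /etc/selinux/config (not taken from a real host).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# This file controls the state of SELinux on the system.
#SELINUX=disabled
SELINUX=enforcing
SELINUXTYPE=targeted
EOF

# Audit the live host when getenforce is present, else the constructed sample
# paired with a constructed runtime value of "Permissive".
if command -v getenforce >/dev/null 2>&1 && [ -r /etc/selinux/config ]; then
    audit_mode "$(getenforce)" "$(configured_mode /etc/selinux/config)"
else
    audit_mode "Permissive" "$(configured_mode "$sample")"
fi
rm -f "$sample"
```

A `DRIFT` result usually means a debugging session ended without `setenforce 1`; `WEAK_AT_BOOT` means the config file needs correcting before the next reboot.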


3. SELinux Contexts

File Contexts (ls -Z)