SELinux Question

[Jhamilton084]

Is SELinux used only to prevent viruses and hackers or more?

[schwim]

From the tubes of the interweb:

....You could think of it as an internal firewall, which gives you the ability to separate programs and thereby ensuring a high level of security within the operating system.

It also works very well as a way to break perfectly working applications. The very first thing I do on installs is ensure it's not running and if it is, I obliterate it.

[Rubberman]

SELinux is useful to have when running a server that has Internet access which you want to keep secure from hacking, or if you need to enforce ACL's or have other high-security needs for your systems because of government regulations such as HIPPA, etc. As schwim mentions, it can break a lot of stuff that you might want to use because they violate default SEL rules. The biggest problem is configuring the system and access control lists (ACL's) to the point that the system works reliably and doesn't keep getting in your way.

However, if you don't have hard security needs, and your server is not going to have a face on the Internet, then don't bother.

I'm thinking of making my system accessible from the Internet (right now it's behind a hardware firewall with no ports mapped thru), but if I do that, I will probably sandbox it by running the Internet-visible services in a virtual machine with its own network hardware (I have dual ethernet ports on my machine, so I can do this easily enough). I will definitely run SELinux on the VM.