Unix Security - SELinux

SELinux

SELinux is the set of kernel extensions to control access more precisely, strictly defining both if and how files, folders, network ports and other resources can be accessed by the confined process. This system is mostly used to restrict processes (database, server) rather than human users. It can also limit processes that run as root. Other distributions use comparable alternatives like AppArmor.

Read more about this topic:  Unix Security