The „convenience vs surveillance“ goes into another round of extremes.
„I’m amazed, so some open source dudes compiled into the kernal…a security package developed by the NSA! I mean lol? Let’s get the fox to guard the chicken coup!“
Debian Linux 2.6.32-5-amd64 #1 SMP Fri May 10 08:43:19 UTC 2013 x86_64 GNU/Linux
email@example.com:~$ dpkg -l |grep SELinux ii libselinux1 2.0.96-1 SELinux runtime shared libraries ii libsepol1 2.0.41-1 SELinux library for manipulating binary security policies root@ubuntuServer:/# uname -a Linux ubuntuServer 3.8.0-29-generic #42~precise1-Ubuntu SMP Wed Aug 14 16:19:23 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux root@ubuntuServer:/# dpkg -l |grep SELinux ii libselinux1 2.1.0-4.1ubuntu1 SELinux runtime shared libraries
The National Security Agency or NSA is now in the public eye for some nefarious surveillance, but Linux users should know that the agency also had an active role the Linux kernel development, with the addition of SELinux (Security-Enhanced Linux).
According to their official website, “SELinux is an implementation of mandatory access controls (MAC) on Linux”.
Mandatory access controls allow an administrator of a system to define how applications and users can access different resources such as files, devices, networks and inter-process communication.”
It’s essentially a tool that allows for the integration of access control security policies and it works similarly to a firewall, at least from a concept point-of-view.
NSA (National Security Agency) is the primary developer of SELinux (although there are other parties involved, including Red Hat) and the project was merged into the Linux kernel back in 2003.
SELinux has been enabled in Android and more details about this particular project can be found in one the official website.