< SELinux
SELinux/LSM
SELinux uses the Linux Security Modules (LSM) as the implementation to handle enforcement within the Linux kernel. All actions taken on the system which invokes Linux kernel calls (such as system calls) are also passed through LSM, and SELinux adds LSM hooks so that SELinux too can participate in deciding if a call is to be allowed or not.
Resources
- Implementing SELinux as a Linux Security Module (pdf)
- LSM Overview in the SELinux paper published by NSA research
This article is issued from Gentoo. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.