SELinux Usage and Criticism

The cluster focuses on debates about SELinux as a Linux security module, including its effectiveness, NSA origins, configuration difficulties, default enabling in distros, and comparisons to AppArmor.

📉 Falling 0.3x Security

2,027

Comments

Years Active

Top Authors

#7855

Topic ID

Activity Over Time

2007

2008

2009

2010

2011

2012

2013

2014

2015

160

2016

176

2017

280

2018

2019

2020

113

2021

117

2022

265

2023

150

2024

258

2025

2026

Top Contributors

viraptor (31) Zurrrrr (21) ruthmarx (16) Spivak (14) lima (14)

Keywords

AVC SUSE AlmaLinux RedHat ROM SELINUX IMO CIS RHEL HW selinux security linux nsa disabled fedora distros permissions file centos

Sample Comments

formerly_proven • Feb 8, 2025 • View on HN

SELinux exists for precisely these scenarios, use it.

dan_quixote • Sep 21, 2021 • View on HN

So, lack of SELinux and the like?

nodata • Jul 14, 2013 • View on HN

SELinux works well nowadays. You'd know that if you hadn't disabled it.

rhizome • Jul 17, 2012 • View on HN

Might help, but they don't really need it, seeing as SELinux is an NSA project.

yrro • Dec 9, 2020 • View on HN

If only it had comprehensive SELinux support...

empath75 • Jan 14, 2017 • View on HN

Selinux creates a lot of extra work for very little visible benefit.

quasarj • Sep 4, 2024 • View on HN

Thank you.. came here to say exactly this. Who the heck is using SELinux? hah

AviationAtom • Jan 17, 2021 • View on HN

You do realize that SELinux is their baby, right?

andrey_utkin • May 26, 2016 • View on HN

SELinux is not opt-in in RedHat-based distros AFAIK.

29athrowaway • Jun 10, 2023 • View on HN

There's Security Enhanced Linux (SELinux) maintained by the NSA, AppArmor and others. If security is what you want, you can have it.