I’ve been working on some introductory slides on SELinux. They’re still far from finished. All I’ve written so far is some basic terminology, identities, roles, types. I also tried to show how this increases security, though that part is probably still hard to understand unless you know about common attack vectors.

I havn’t yet written about the actual policy, policy modules, all the fancy UI stuff available, reachability analysis etc. I probably will not do so:

The goal of the slides is not to give an exact overview over how SELinux works, how to write good policy etc. I also don’t claim to have all facts right - instead I want to provide an easy to understand overview over how SELinux works and why it is a good thing. I guess I won’t even be flaming AppArmor. ;-)

Thats why I picked the name “gentle introduction to SELinux”.

Remember, it’s just a work in progress, “the best is yet to come”. I really need your feedback (and encouragement – there is still so much to be written).

Get the slides as PDF here. Feedback is best via email – erich AT debian DOT org. I intentionally do not have comments in my blog.