The world of computing is full of security problems, as well as people offering solutions to make your systems “secure.” Unfortunately, most of these technologies are not really that useful. At best, they are reactive, offering protections against old threats but not new ones. At worst, they add layers of complexity without providing any useful protection at all.

My name is Chad Sellers, and I work for Tresys Technology, the company doing more with SELinux than anyone today. SELinux is a powerful access control mechanism built into the upstream Linux kernel. It can be used to solve a large number of security problems, ranging from the very complex to the very simple. While it can be misused like any technology, it has the potential to solve real problems that real users care about.

This blog contains examples of how to solve real world security problems. Every post may not be about SELinux, but most of them probably will. I hope you find this useful.