An article by Harsh Shandilya on hot topic of security for Android software. SELinux is an acronym for Security-enhanced Linux. It is a security feature built into the Linux kernel that enforces access control for programs via a predefined security policy put in place by the system administrators.
SELinux is an implementation of a MAC security mechanism. MAC stands for Mandatory Access Control, a paradigm that allows restricting multiple aspects of a process.
It is split in following:
- What is SELinux?
- How to detect and resolve SELinux denials on Android
- Labelling in SELinux
SELinux builds upon DAC-based restrictions and adds additional layers of restrictions above UID and GID to ensure a compromised user can still be restricted from doing things it normally wouldn’t need to do. Great short article!
[Read More]