Lines Matching full:selinux
1 page.title=SELinux concepts
27 <p>Review this page to become familar with the concepts at play within SELinux.</p>
31 <p>Security Enhanced Linux (SELinux), is a mandatory access control (MAC) system
39 <p>SELinux has been implemented as part of the Linux Security Module (LSM)
44 security object. SELinux provides an implementation for these hooks and
55 <p>Starting in Android 4.3, SELinux provides a mandatory access control (MAC)
60 SELinux can be used to label these devices so the process assigned the root
65 <p>See <a href="implement.html#use_cases">Use Cases</a> for more examples of threats and ways to address them with SELinux.</p>
69 <p>Become familiar with the following terms to understand how SELinux can be
73 <li><em>Permissive</em> - SELinux security policy is not enforced, only logged.
89 <p>Unconfined policies are available to help implement SELinux in Android quickly.
101 <p>SELinux depends upon <em>labels</em> to match actions and policies. Labels determine what is allowed. Sockets,
102 files, and processes all have labels in SELinux. SELinux decisions are based
104 they may interact. In SELinux, a label takes the form:
132 SELinux policy. A rule takes the form:
