Role-based access control in SELinux
Role-based access control (RBAC) is a general security model that simplifies administration by assigning roles to users and then assigning permissions to those roles. RBAC in Security-Enhanced Linux (SELinux) acts as a layer of abstraction between the user and the underlying type-enforcement (TE) model, which provides highly granular access control but is not geared for ease of management. Learn how the three pieces of an SELinux context (policy, kernel, and userspace) work together to enforce the RBAC and tie Linux users into the TE policy.
[ Read more ]