This paper explains the need for mandatory access control (MAC) in mainstream operating systems and presents the NSA's implementation of a flexible MAC architecture called Flask in the Security-Enhanced Linux (SELinux) prototype. The paper explains how the Flask architecture separates policy from enforcement and provides the necessary interfaces and infrastructure for flexible policy decisions and policy changes. It describes the fine-grained labeling and controls provided by SELinux for kernel objects and services. The paper explains how existing Linux applications can run unchanged on the SELinux kernel, and it describes the support for security-aware applications. The paper shows how the SELinux controls can be applied to meet real security objectives by describing the example security policy configuration. It demonstrates that the performance overhead of the SELinux controls is minimal. Finally, the paper highlights the differences between SELinux and related systems.