Research Menu

Skip Search Box

SELinux Documentation

Implementing SELinux as a Linux Security Module

Stephen Smalley, Chris Vance, and Wayne Salamon (NAI Labs)

Initial version: December 2001
Last revised: Feb 2006


This technical report describes the implementation of the LSM-based SELinux security module. The report begins by providing an overview of LSM and a review of the SELinux basic concepts. It then provides a summary of how the LSM-based SELinux security module differs from the original SELinux kernel patch. Several aspects of the SELinux security module are then described, including its internal architecture, its initialization code, its support for stacking with other security modules, and its approach for implementing the SELinux API. The remainder of the report is then spent documenting the SELinux hook function implementations, organized into sections for each grouping of LSM hooks.

* To view documents stored as Portable Document Format (PDF) files your local computer must have a viewer application or a Web browser plug-in that supports the PDF file format.

Linux is a registered trademark of Linus Torvalds
NAI is a trademark of Networks Associates Technology, Inc.


Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009