On a traditional Linux system, permissions and access control to files and processes are controlled completely by users. root is all powerful, and programs inherit a user's rights, meaning that when a program is compromised, that user is also compromised. In cases of a program run as root, that means the attacker has access to the whole system.
In the SELinux method, access is provided by a security policy set by the administrator and enforced by the system. There is no "all powerful root user".
Debian and Gentoo have already adopted such a method some time ago. However if you do not use one of thoose distributions it is a good idea to consider implementing SELinux if you maintain a server, or if you are responsible for maintaining a secure Linux enviorment.
You may download SELinux from The Narional Security Agency
I only recommend this for novice Linux users.
shn
Bookmarks