iDRAC9 Security Configuration Guide

SELinux

SELinux is based on defense-in-depth design, with multiple layers of protection and functionality to help secure this critical system component. SELinux is a core Linux security technology that is merged in the standard Linux kernel. SELinux has been gaining adoption within many Linux distributions. Red Hat Enterprise Linux (RHEL) was one of the first adopters other Linux users followed. SELinux is now maintained in the core Linux kernel by a dedicated group including Red Hat, Network Associates, Secure Computing Corporation, Tresys Technology, among others. This security technology uses a method referred to as Mandatory Access Control. This method enables you to specify all the privileges that internal processes must complete their tasks and limits the access to only those tasks. This is important because most attempts to hack a system involve trying to make processes do things that are outside of the original design

Dell wrote comprehensive security policies in SELinux for every task that runs on the iDRAC and then ran comprehensive tests to ensure that no features were broken in the process. SELinux operates at the core kernel level on the iDRAC and cannot be disabled or modified by the users. SELinux adds a mitigation factor that prevents many programming flaws from being further exploited to gain elevated access to the system. Moreover, SELinux logs security messages when an attack is detected. These log messages indicate when and how an attacker tried to break into the system. These logs are available through SupportAssist to users enrolled in this feature. Till a future release of iDRAC, these logs are available in the Lifecycle Controller Logs.