SELinux

SELinux is an advanced security mechanism available for Linux-based systems. Think of it as one more guarding layer on top of regular user and group access rights in Linux. Since Fedora-based systems come with a sane default set of SELinux policies out of the box, we get this extra security for our servers almost for free.It's true that many administrators ignore SELinux and argue that given the SELinux complexity, it's not worth the trade-off. The thing is that SELinux can prevent a class of security vulnerabilities that Linux permissions simply cannot and provide an additional security layer in the spirit of defense-in-depth, a security concept advocating for more independent layers of protection.