# Selinux Profile

## leonchik1976

I noticed that lately it has been added new profile default/linux/amd64/10.0/selinux.

It there any HOWTO installing this? how much installation is differ from hardened/linux/amd64/selinux ?

----------

## Veldrin

There is the SELinux Handbook which does not care if you use hardened or not. 

As for the difference: the hardened profiles implies some additional hardening of the binaries (-fstack-protector et all), while the default does not. 

Keep in mind, that hardening is done to the binaries directly, while selinux is MAC (Mandatory Access Control) system which provides finer grained access control. There are some others like apparmor, rbac (normally used in hardened) and some more - just have a look at the respective kernel section.

V

----------

## Sven Vermeulen

Yup, what Veldrin said. If you would just switch the profiles, it won't work - there are quite a few changes needed on the system. But if you're willing to go that extra mile for getting additional security, please do give it a try. And if you're an IRC guy, don't hesitate to drop by on #gentoo-hardened. Oh, and there are a few other resources on the project page as well.

----------

## Deathwing00

Moved from Installing Gentoo to Networking & Security.

----------

