Question
What is SELinux?
Answer
Security-Enhanced Linux (or SELinux) is a kernel module that can be installed and turned on in a Linux server. It categorizes files, hardware resources and processes; to learn more see this posting. It has the ability to restrict access to these categories. If a server is designated as an application server, a database server, or a web server, the relevant processes can be given minimal access. This allows you to harden a server according to the principle of least privilege. SELinux allows for configurable policies to protect your server.
Without SELinux, a typical Linux server will merely use Discretionary Access Control (with server users and groups) (page 472 of A Practical Guide to Fedora and Red Hat Enterprise Linux). This book provides a link to the selinuxproject.org. SELinux was originally "developed by the NSA (U.S. National Security Agency" (page 472 of A Practical Guide to Fedora and Red Hat Enterprise Linux).
You may want to view the posting Can the Kernel Access Hardware Directly?.