SELinux in the Real World

Through my (short) job experience to date, I have gained quite a bit of knowledge of how SELinux works, from an implementation point of view and how to administer it.

I personally have several qualms with SELinux, such as it seems to be overly complicated in many regards to the point that security seems to be very hard to reason about. So, I'd like to know how warm the industry is to SELinux.

Do you employ SELinux on one of your production servers? If so, what kind of success do you have? Without seriously divulging details, do you work for an organization that is involved with Government (DoD/DoJ, defence contractor, etc.)? Are there non-government companies that find this useful?


SELinux does a good job at exposing the sheer complexity of an entire Linux system. Modern Fedora and RHEL systems get a lot of [SELinux] attention and for the most part you won't know SELinux is "running" (it is not a daemon; it is mostly hooks in the kernel coupled with a security policy for decision making).

An interesting (sometimes frustrating) aspect of security is the question "what's it doing?" or "is it working?". Well, if it is working you might not ever know. If you are running a web server and it has just been staying up, then you might not know a couple of exploits were even tried against your system.

As for Government, there are public sources (listings of government projects and the like) that seem to indicate that MAC (Mandatory Access Control, i.e. SELinux) is being used, and possibly quite heavily. Government systems, depending on deployment and what information a system holds, have to meet certain criteria before being used.

As for private companies, I don't know. If they need the integrity that SELinux brings to the table, then they should.

In the end, security is really risk management and choosing the right level of effort. Also, security is an ongoing effort, not something you merely turn "on".


A lot of shops that I know of would like to use SELinux, but are not able to. Many vendors that build their products for RHEL, for example, explicitly require SELinux to be shut off. As long as joints like Oracle do not properly support SELinux, I don't see it taking off big time, except on web servers (on which I would always leave it on!). SELinux isn't that complicated anymore. If you look at RHEL4 and RHEL5 and compare how complicated SELinux is on both, the difference is huge. If you compare Fedora 11 to RHEL5, the difference is huge again. Big strides are made, but as long as guys like Oracle think SELinux is not worth supporting, you'll keep seeing a lot of people turning it off.


You don't have to customize SELinux and write your own profiles if you just want to provide an additional layer of security around many well-known servers and daemons. The default configuration in some good Linux distributions will increase the security level of your system in case a service is being attacked with a working exploit.