Status: IN
SELinux operates through a layered enforcement model: DAC is evaluated first, type is the primary policy mechanism, per-domain permissive mode enables targeted debugging, and AVC denials are logged for forensic analysis.
JSON