SELinux, also known as Security-Enhanced Linux, is an optional part of the Linux kernel which enforces system-wide MACs (mandatory access controls). It provides a level of security on par with the computer systems used at the NSA and the U.S. Department of Defense.
The MAC architecture used in SELinux is called Flask, which stands for Flux Advanced Security Kernel. It was developed by the NSA, the University of Utah, and the Secure Computing Corporation as a way to bring strong security to Linux operating systems. The Flask architecture allows system administrators to configure multiple layers of fine-grained access control and implement them for each and every process on the system.