SELinux is SEcurity Enhanced Linux, it adds a complete layer of access
controls at the kernel level that can be configured to a granular level. For
example the httpd binary can be restricted to reading and writing files in
/var/www/ and /var/log/httpd/. Currently Red Hat Inc. ships SELinux and enables
it by default on Fedora Core 4 and Enterprise 4 products.
Getting Started with SELinux Guide
Guide to Writing SELinux Policy