SELinux In Linux 6.6 Removes References To Its Origins At The US NSA

Written by Michael Larabel in Linux Security on 29 August 2023 at 09:00 PM EDT. 53 Comments
Security Enhanced Linux (SELinux) has been part of the mainline kernel for two decades to provide a security module implementing access control security policies and is now widely-used for enhancing the security of production Linux servers and other systems. Those that haven't been involved with Linux for a long time may be unaware that SELinux originates from the US National Security Agency (NSA). But now with Linux 6.6 the NSA references are being removed.

The United States National Security Agency worked on the original code around Security Enhanced Linux and was the primary original developer. The NSA has continued to contribute to SELinux over the years while with its increased adoption does see contributions from a wide range of individuals and organizations.

United States National Security Agency seal

With a lot of bad press for the NSA over the past decade due to various scandals, some open-source enthusiasts have questioned the NSA's involvement in SELinux and made other critical remarks. While there are NSA developers that remain involved with SELinux, beginning in Linux 6.6 the "NSA" references are being dropped -- in part to reflect that it's not an NSA-only affair.

selinux: de-brand SELinux
A portion of the patch entitled "selinux: de-brand SELinux" to remove NSA references.

The SELinux pull request was sent in today with adding a notice if virtual memory is executable by default, new network auditing helpers, various defenses improved, and more. What caught my attention with the PR was:
- Minor administrative changes

Stephen Smalley updated his email address and "debranded" SELinux from "NSA SELinux" to simply "SELinux". We've come a long way from the original NSA submission and I would consider SELinux a true community project at this point so removing the NSA branding just makes sense.

The patch that strips out the "NSA" references from the SELinux code and Kconfig text adds:
Change "NSA SELinux" to just "SELinux" in Kconfig help text and comments. While NSA was the original primary developer and continues to help maintain SELinux, SELinux has long since transitioned to a wide community of developers and maintainers. SELinux has been part of the mainline Linux kernel for nearly 20 years now and has received
contributions from many individuals and organizations.

So with Linux 6.6 and after about two decades of being inside the kernel, there are no longer any NSA SELinux references.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week