Re: selinux eradicator?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



on 6/28/2007 4:38 PM, Todd Zullinger wrote:
> David Boles wrote:
>> Good for you!!!!
>>
>> What you just did was something like:
>>
>> Build a house.
>> Put everything valuable that you own into it.
>> Disable all of the locks.
>> Open all of the windows and doors.
>>
>> And then walk away.
>>
>> Makes it really easy for the 'bad guys' to steal, or break, your
>> stuff.  Like that guy at the University that you mentioned earlier.
> 
> So you're claiming that with SELinux disabled, a linux computer has
> almost no protection from abuse?  Please back that claim up with data
> to prove it.  Either that or lay off the hyperbole, please.
> 
> SELinux is yet another layer of security on a reasonably secure OS.
> But I've had servers running on the net for years that have not been
> successfully hacked.  And I sleep fine at night without any feeling
> that my windiws and doors are all open to the world.
> 

No I am not. But if you look very carefully at what SELinux actually does
it might make sense to you. All of those 'really bad boy' Trojans,
key-loggers, pop-ups' and stuff like that get to 'do their thing' in
Windows because there is nothing watching and saying 'now wait a minute -
what do you think you are doing here? No you don't'. With SELinux you can
make 'exceptions' for certain things just like you do with your firewall.

Oh yeah. I forgot.  That 'stuff' does not affect Linux. Yet. But it will.
Someday. Just as soon as the 'bad boys' start to think of Linux as a real
OS and not a Geek Toy for funny looking home users.  ;-)

And the people most vulnerable? Those that use precompiled, closed source,
applications and files.

You want to disable it for yourself? Sure. Help yourself Do that. But to
suggest that everyone do that because you find it a PITA is wrong. IMHO.
-- 

  David


Attachment: signature.asc
Description: OpenPGP digital signature

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux