Re: SELinux last straw

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/18/07, Les Mikesell <lesmikesell@xxxxxxxxx> wrote:

> The place it can hurt is if it causes enough problems that some number
> of users don't don't upgrade to the versions that use it or don't do
> timely updates because they have a history of introducing new problems.
>   This drops your first and best line of defense.

Les, please... this is a public list. Do not spread FUD... there is no
history of SELinux updates causing problems.

> > In a corporate environment it's obviously very different.  Using
> > different means of access control, using other layers of security such
> > as SELinux, implementing physical security measures, are all things
> > that need to be done, and properly.
>
> If you are introducing Linux as something new you can do that.
> Otherwise you have to be very careful not to break existing programs and
> infrastructure with changes and updates.

I don't see why there should be a requirement of being new.

> > I read somewhere online a while back where they hooked up various
> > unpatched Windows systems (different generations of it) and unpatched
> > Linux systems (don't remember the distros) to the web totally
> > unprotected.  The various Windows versions were all compromised within
> > minutes to hours.  None of the Linux ones were.  However when all the
> > updates were applied to these boxes none of them were compromised (no
> > Windows boxes and no Linux boxes).


> If you want a distribution to be more secure in actual use, you have to
> make it painless to update and never break anything that previously
> worked - otherwise some number of people just won't do it.

You do realise that there are different distros, and each has their
niche. Fedora's niche is being fast pace, some would argue not fast
enough.

-- 
Fedora 7 : sipping some of that moonshine
( www.pembo13.com )

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux