On Wed, 2009-04-08 at 08:06 +0200, Uwe Kiewel wrote: > Craig White schrieb: > > On Tue, 2009-04-07 at 23:18 +0200, Uwe Kiewel wrote: > >> max bianco wrote: > >>>> SELinux was in fact the issue ! > >>>> > >>>> Thanks for your help > >>>> -- > >>> If you think you need to add policy rules , ask on fedora-selinux > >>> first. The webserver policy is pretty well tested and there are > >>> several booleans that usually will cover most of your needs. > >>> > >> The question is: Does he need selinux? For a normal server it is too > >> paranoid I think. SElinux is the first thing I switch off after the setup. > > ---- > > I can see how life's easier when you disable technologies that > > contribute to the overall security of your systems but I can't see the > > logic of boasting about it. > > > > My point of view: Use the technologies you need in your specific case - > do not use every technology you could use. > > Fedora enables SElinux by default - other distributions do not so. ---- Those are separate issues. Fedora is an edge distribution that drives Linux development in ways that few other distributions can. RHEL (and it's various derivatives) definitely use SELinux and I find that like all other technologies, I begin to grasp how they work over time so the more I am exposed to the care and feeding, the more I understand. Other distributions - some of them have them but their adoption is miniscule because it's not mandatory. Security always seems to mean that you have to endure the learning curve in order to implement. SELinux...yeah, it's like that. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
