On Sat, 2011-09-24 at 21:19 -0300, Martin Cigorraga wrote: > Hi Andreas, > "SELinux has wasted too much time of my life over the years, > so I decided to no longer use it. I keep my computers up to date > and configure them properly. If that isn't enough, bad luck." > > You shoudn't have any problems at all... c'on, it's GNU/Linux! Even a > local > firewall is obsolete depending on what will be your system used for :D > And as you say SELinux is intrinsically complicated and bloated. If > you > ever need such type of protection try Tomoyo, something between > SELinux and Apparmor but better and actively developed. ---- don't know about tomoyo. Have some experience with apparmor on Ubuntu (seems weak / barely implemented / easily defeated) and of course SELinux. It seems that the team working on SELinux has substantially grown, the tools have matured, the processes more deeply identified and the support greatly enhanced and thus by any definition... actively developed. Your choice not to use it is of course your own but I can assure you that it is indeed possible to use it, create a reasonably effective security layer through it with a minimum level of difficulty - or at least a manageable level of difficulty if you are pre-disposed to creating files in one location and moving them to an entirely different location which is certain to create contextual problems. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
