On 01/16/2015 01:57 PM, poma wrote: > On 16.01.2015 19:47, Daniel J Walsh wrote: >> On 01/16/2015 07:47 AM, Patrick O'Callaghan wrote: >>> On Fri, 2015-01-16 at 08:28 +0100, Heinz Diehl wrote: >>>> On 16.01.2015, Tim wrote: >>>> >>>>> Of course *you* do not *use* it, it's there as a protective device >>>>> against *things* on your system. >>>> Any recent Linux distribution can be secured without using selinux. >>>> Selinux requires at least basic knowledge and administration. Most of >>>> the people I installed Linux for didn't even know it was there or what >>>> it's good for. >>> You mean like the fuses in your house or the airbag in your car? When >>> Selinux is working you don't know it's there. When it alerts you it >>> means there's something wrong. I agree that the alerts are not always as >>> clear as they might be, but it's a fallacy to suggest that it doesn't >>> provide benefit. >>> >>> poc >>> >> Here is a case of SELinux protecting your house. >> >> http://danwalsh.livejournal.com/71122.html >> > Not to fall to false sense of security, does SElinux need SElinux? > > SELinux is the kernel, so does the Kernel need the kernel. But theoretically SELinux/Kernel can protect itself. We can prevent privileged processes (root) from manipulating the SELinux settings. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
