On 16.01.2015 20:35, Daniel J Walsh wrote: > > On 01/16/2015 01:57 PM, poma wrote: >> On 16.01.2015 19:47, Daniel J Walsh wrote: >>> On 01/16/2015 07:47 AM, Patrick O'Callaghan wrote: >>>> On Fri, 2015-01-16 at 08:28 +0100, Heinz Diehl wrote: >>>>> On 16.01.2015, Tim wrote: >>>>> >>>>>> Of course *you* do not *use* it, it's there as a protective device >>>>>> against *things* on your system. >>>>> Any recent Linux distribution can be secured without using selinux. >>>>> Selinux requires at least basic knowledge and administration. Most of >>>>> the people I installed Linux for didn't even know it was there or what >>>>> it's good for. >>>> You mean like the fuses in your house or the airbag in your car? When >>>> Selinux is working you don't know it's there. When it alerts you it >>>> means there's something wrong. I agree that the alerts are not always as >>>> clear as they might be, but it's a fallacy to suggest that it doesn't >>>> provide benefit. >>>> >>>> poc >>>> >>> Here is a case of SELinux protecting your house. >>> >>> http://danwalsh.livejournal.com/71122.html >>> >> Not to fall to false sense of security, does SElinux need SElinux? >> >> > SELinux is the kernel, so does the Kernel need the kernel. > You've probably wanted to write, SELinux is a Linux(kernel) feature. But in some another context, the kernel needs the kernel, and not only. > But theoretically SELinux/Kernel can protect itself. We can prevent > privileged processes (root) from manipulating the SELinux settings. > Can SELinux, AppArmor and Grsecurity perform together, to achieve an even greater level of security? -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org