Re: swapping

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 17.01.2015 12:54, Andrew R Paterson wrote:
> On Friday 16 January 2015 16:31:03 Gordon Messmer wrote:
>> On 01/15/2015 11:28 PM, Heinz Diehl wrote:
>>> Selinux requires at least basic knowledge and administration. Most of
>>> the people I installed Linux for didn't even know it was there or what
>>> it's good for.
>>
>> If you do not use file system permissions for something useful,
>> chmod -R a+w /
>>
>> File system permissions require at least basic knowledge and
>> administration.  Most of the people I installed Linux for don't even
>> know what they're good for.
>>
>> If your computer is single-user anyway, why does it need a security
>> subsystem?
>>
>>
>> *eyeroll*
> Having watched this debate I find I must add my own 10c
> I have spent over 30 years working on unix systems starting with xenix, bsd 
> and ending up with linux .....
> We survived quite happily using the well known DAC methods of standard UNIX.
> (UGO - RWX - setuid etc).
> Then I worked on some military systems (high security stuff) and started to use 
> SOLARIS CMW (Compartentalised Mode Workstation) and DEC MLS (Multi-Level-
> Security).
> These both use the same (probably not as up to date) MAC security via 
> labelling as (I guess) selinux.
> I can truthfully say I loved UNIX in all its forms until coming across CMW & 
> MLS and now SELINUX - then basically - I wanted OUT!.
> They are horrendous; if you start to use labelling in earnest - absolutely 
> suicidal!!! - unless you have a real motive - ie you work for the security 
> services or a bank or something  and have a massive amount of time to devote.
> Why do the selinux guys have to force MAC onto all linux users - even 
> hobbyists?
> Its getting like some kind of religion!
> 
> Andy
> 
> Andy
> 


Perhaps it's more pragmatic, something like
Free feEDback frOm useRs Arangement
F      ED       O     R  A
by Red Hat for the purposes of RHEL,
and there lies a profit, right.

Without it, maybe you could say Grsecurity is optimal model for Fedora.


-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux