> I am always amazed that people think shutting off a security > something-or-other for some-amount-of-time can be considered safe. > > It takes virtually the blink of an eye to get compromised. > > If you need to turn off a security feature to do something, then there's > something wrong with that /thing/ that required it. It could simply be > crap programming, or it could be malicious. And even crap programming > can be destructive outside of its own files. > really??? it could also be, prob often is.. is that the person who's doing X is simply trying to get something done, and not be a Sys Admin!!! Doing security right.. is an effort in understanding the nuances.. If you've been playing with OS X, than you might have insight into what's required. But someone who's not gotten into the "guts" of what something like SeLinux requires, might not have an understanding of what needs to be configured, or exactly how to configure it, etc.. Or configuring security (firewall, process restrictions, user restrictions, port issues, rootkit protections, file restrictions, etc.. ) might be fairly easy to setup, just not obvious to the casual user on how to do it. I haven't met a lot of people in my 30+ years of tech who just gloss over the impotance of security.. I have met alot who aren't sys admins.. and, even thought they create software projects from time to time.. wouldn't have a "clue" as to exactly how to set up a good secure system.. even thought they'd all say.. would be nice to do it!! peace On Sun, Jan 24, 2016 at 8:57 AM, Tim <ignored_mailbox@xxxxxxxxxxxx> wrote: > On Sat, 2016-01-23 at 10:52 -0500, bruce wrote: >> So, if I create an instance, spin it up, fire off my tests on the >> instance, run everything for a few hours, and then shut it off, would >> that be "reasonably safe/secure"? > > I am always amazed that people think shutting off a security > something-or-other for some-amount-of-time can be considered safe. > > It takes virtually the blink of an eye to get compromised. > > If you need to turn off a security feature to do something, then there's > something wrong with that /thing/ that required it. It could simply be > crap programming, or it could be malicious. And even crap programming > can be destructive outside of its own files. > > -- > tim@localhost ~]$ uname -rsvp > > Linux 3.19.8-100.fc20.i686 #1 SMP Tue May 12 17:42:35 UTC 2015 i686 > > All mail to my mailbox is automatically deleted, there is no point trying > to privately email me, I will only read messages posted to the public lists. > > George Orwell's '1984' was supposed to be a warning against tyranny, not > a set of instructions for supposedly democratic governments. > > -- > users mailing list > users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe or change subscription options: > https://admin.fedoraproject.org/mailman/listinfo/users > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > Have a question? Ask away: http://ask.fedoraproject.org -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
