On Sunday, November 28, 2010 10:50 PM, Scott Robbins wrote: > On Sun, Nov 28, 2010 at 09:14:43PM +0800, Christopher Chan wrote: > >>> >>> I think it is easier/cheaper to use hardware firewalls and idp systems >>> to protect servers than fight with selinux on each server. >>> >>> SELinux tuning might work on companies with unlimited resources like >>> NSA .. or if you run server at home with unlimited free time to tune >>> it up. >>> >> >> Are you some secret agent for botnets? I know they love to get their >> hands on Linux boxes for use as their command centres for their Windows >> drones. > > Sigh. I don't think people have the right (or ability) to > judge another person's situation. > > So.... > > Judging from this, every AIX, Solaris, and BSD administrator are botnet > agents. As well as Debian server farms. > If they are die-hard don't lock down because it's too troublesome chaps then yeah! Two other schools got their box hacked through phpmyadmin because the chap at HQ failed to locked down. I had to show him how to turn on SELinux and also figure out from the logs how the bot was uploaded. I had never done SELinux before that but I got it mostly sorted within a morning and completely sorted in two days for some stuff that did not initially show up. This was a Moodle box with a mysql backend. I, therefore, cannot see any excuse for disabling SELinux. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: SELinux - way of the future or good idea but !!!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: centos@xxxxxxxxxx
- Subject: Re: SELinux - way of the future or good idea but !!!
- From: Christopher Chan <christopher.chan@xxxxxxxxxxxxxxx>
- Date: Mon, 29 Nov 2010 07:12:34 +0800
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <20101128145054.GA51695@xxxxxxxxxxxxxxxx>
- User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.15) Gecko/20101027 Thunderbird/3.0.10
- References:
- SELinux - way of the future or good idea but !!!
- From: Alison
- Re: SELinux - way of the future or good idea but !!!
- From: Patrick Lists
- Re: SELinux - way of the future or good idea but !!!
- From: Benjamin Franz
- Re: SELinux - way of the future or good idea but !!!
- From: Marko Vojinovic
- Re: SELinux - way of the future or good idea but !!!
- From: Nico Kadel-Garcia
- Re: SELinux - way of the future or good idea but !!!
- From: John R. Dennison
- Re: SELinux - way of the future or good idea but !!!
- From: Nico Kadel-Garcia
- Re: SELinux - way of the future or good idea but !!!
- From: Eero Volotinen
- Re: SELinux - way of the future or good idea but !!!
- From: Christopher Chan
- Re: SELinux - way of the future or good idea but !!!
- From: Scott Robbins
- SELinux - way of the future or good idea but !!!
- Prev by Date: Re: SELinux - way of the future or good idea but !!!
- Next by Date: Re: SELinux - way of the future or good idea but !!!
- Previous by thread: Re: SELinux - way of the future or good idea but !!!
- Next by thread: Re: SELinux - way of the future or good idea but !!!
- Index(es):
 |