Re: SELinux - way of the future or good idea but !!!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Stephen Harris wrote:
> On Tue, Nov 30, 2010 at 03:11:24PM -0500, Lamar Owen wrote:
>> Reality check: IDC analysts have estimated Red Hat's share of the paid
>> commercial Linux market as 62%[1], [2], with Red Hat estimating higher
>> [3].  That's RHEL: which ships SELinux enabled, enforcing, targeted,
>> by default.  And, this being the CentOS list, we're in a default SELinux
>
> Reality check: how many of those installs are RedHat OOB installs with
> default options?  I know the 10,000 machines we have where I work are
> all meant to be "corporate standard" and this, by default, does _not_
> have SELinux enabled.

And how many reset them to permissive, or off, because enforcing breaks
what's been working?

And about apache... most of those attacks are preventable through
defensive configuration and coding for httpd itself. Looking to selinux to
protect you is very sloppy.
>
>> they should be supporting the default RHEL configuration.
>
> Shoulda, coulda, woulda... didna.

How many folks actually use the defaults? Hell, we don't use the default
partitioning scheme.

        mark

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux