Re: SELinux and access across 'similar types'

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Sat, Jan 7, 2012 at 8:19 AM, John R. Dennison <jrd@xxxxxxxxxxxx> wrote:
>
> I'm truly sick of the "*cry* selinux makes things _hard_ *cry*"
> whining from not only users but hosting providers and alleged
> "administrators" that are, at the root of it, too lazy to figure out how
> to properly use selinux and similar technologies.

To be fair, it was true for years.  Mostly the packaging has been
fixed so it usually works now if you don't change too much.   But
don't forget that there is some justification for end users making
this complaint.  Selinux is really a second layer of defense that
should really only come into play because programming correctly is
'too hard' for the developers.  But, look at the changelogs and the
history of vulnerabilities  and you'll realize that part isn't likely
to ever change.

-- 
  Les Mikesell
     lesmikesell@xxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux