Re: Migrating from ancient Fedora (was Fedora Core 5 EOL on 2007-06-29)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Jim Perrin wrote:
On 9/21/07, Mike McCarty <Mike.McCarty@xxxxxxxxxxxxx> wrote:


WRT SELinux, just disable it is my suggestion. Or perhaps
switch to another distro which is not yet infected.


Why yes, ignoring security or bypassing it alltogether rather than
learning how to protect your systems is an EXCELLENT idea. I highly

Sarcasm is unbecoming. I suppose you are unaware of the
long and bitter discussions on Fedora about SELinux?

recommend the 'head in the sand' approach. After all, if you can't see
the bad guys poking you're server, they're not actually doing it,
right?

SELinux does not prevent nor report people "poking your server".

Selinux is complicated, but it's getting far more easy to use than

SELinux is complicated, FULL STOP. It's a wrong-headed approach.

earlier versions (FC2 anyone?) and in combination with other tools, it
can provide a rock solid security system.

Any security system which is not already rock solid is not going
to be made any more secure from attack by adding SELinux. It might
possibly suffer somewhat less damage, though that's debatable.

For webservers, the belt+suspenders combination of mod_security and
selinux is damn near unbeatable.

You have personal experience with SELinux "saving" your system?

Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux