Re: ejabberd 2.0.2 vs SELinux vs CentOS 5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Hi,

On Sat, Oct 4, 2008 at 12:43, nate <centos@xxxxxxxxxxxxxxxx> wrote:
>> so maybe I should disable SELinux
>> and be done with it.
>
> That's what I'd suggest too. SELinux isn't even installed on any
> of the systems I manage(roughly 350). Not worth the trouble.

That's a very bad advice.

SELinux is very useful as a security measure in Linux, and since RHEL5
(and CentOS 5) it has reached a good balance in terms of usability vs.
security. I admit that making it work under the previous versions was
very tricky, but with CentOS 5 it just works.

Of course you eventually have to tweak it to make it work for 3rd
party programs (such as in the OP's case). In that case, this page may
help you do it:
http://wiki.centos.org/HowTos/SELinux

SELinux is certainly complex and there is a steep learning curve, but
it's certainly worth learning how to use it and keeping it enabled.

Filipe
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux