2008/4/1, Rahul Sundaram <sundaram@xxxxxxxxxxxxxxxxx>: > Mark wrote: > > > > > I'm interested in trying it out and having a secured linux machine but > > not this way. Once it's illnesses are fixed (if that ever gets done) > > and selinux only spits out warnings like every other firewall is doing > > than i will probably use it by default as well. Just not now because > > of the reasons i told a few times now. > > > You keep repeating it but note that SELinux is not a firewall and > doesn't behave like one because it isn't one. > > http://fedoraproject.org/wiki/SELinux > > Rahul Reading this: http://www.nsa.gov/selinux/info/faq.cfm#I1 (point 1., 2. and 3.) reminds me a great deal of Vista's UAC which i also turn off as soon as i encounter it. If i get the idea (correct me if i'm wrong) than selinux is isolating a application just like you as a user are isolated in yout user account. and if a attacker attacks a piece of software it can only effect that part of the software.. o well if that's the case than it's more than a firewall indeed but it's still irritating. Also if i )as a user) run a application and a attacker strikes that application than the attacker still can't do more than i as a user can do so it doesn't seem to add that much advantage. But i might be wrong..?? -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
