On Fri, Jan 13, 2017 at 11:48:20AM PST, Daniel J Walsh spake thusly: > http://rhelblog.redhat.com/2017/01/13/docker-0-day-stopped-cold-by-selinux/ I have long been of the opinion that it is this sort of thing which best advocates the use of SELinux. We need more examples like this. I posted this to reddit a couple years ago: https://www.reddit.com/r/linux/comments/1xdokz/selinux_saved_our_asses_xpost_rselinux/ And just a few months ago we had another SELinux save. I would say that in the years I've been using SELinux I've probably seen 5 cases where SELinux successfully contained an attack. I wish I would have written them all up at the time. Those 5 saves definitely made it worth it. Check out the comments on that reddit post, Daniel. :) -- Tracy Reed
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
