On 05/15/2014 04:29 PM, csn233 wrote:
2. SELinux With Squid, normally you don't let end-users on the same server. In you don't have end-users on the same server, from a technical point of view, SELinux doesn't add value. If you have end-users on the same box, you probably have other issues to deal with first.
You are right about it but note that squid is a tiny service which allows and provides cache. There are many places which a proxy on a mainframe is there to help enforce couple policies and allowing access to resources that otherwise cannot be accessed. So for a 40+- CPUs\cores(real) system that can let more then 100 people have a nice desktop with good performance for work purposes (no videos).
So indeed in many cases the proxy admin is the only one that works on it but this is not the whole world.
Eliezer
