A great article on why to use SeLinux
Patrick O'Callaghan
pocallaghan at gmail.com
Fri Feb 29 14:32:06 UTC 2008
On Fri, 2008-02-29 at 08:41 +0000, klybear wrote:
> On Thu, 28 Feb 2008 09:31:05 +0900, John Summerfield wrote:
>
> > The only penetrations I've seen arrived by ssh. I don't think selinux
> > would have helped there; the sorts of restrictions I can think of would
> > also prevent the user from doing what users ought be able to do such as
> > download stuff (including email), sending email and so forth.
>
> I'm new full time linux user, having temped with one or two distros in
> the past, and I have to say that my experience of selinux has been
> frustrating. I never had any Selinux issues with Ubuntu or Debian, but
> since using Fedora, three of the four problems I've solved so far turned
> out to be related selinux permissions and the fourth one I'm still
> working on :)
AFAIK Selinux is disabled by default in Ubuntu and Debian. Note that you
can also disable it (or limit it to warnings) in Fedora.
poc
More information about the users
mailing list