swapping

[poma]

On 17.01.2015 12:54, Andrew R Paterson wrote:
> On Friday 16 January 2015 16:31:03 Gordon Messmer wrote:
>> On 01/15/2015 11:28 PM, Heinz Diehl wrote:
>>> Selinux requires at least basic knowledge and administration. Most of
>>> the people I installed Linux for didn't even know it was there or what
>>> it's good for.
>>
>> If you do not use file system permissions for something useful,
>> chmod -R a+w /
>>
>> File system permissions require at least basic knowledge and
>> administration.  Most of the people I installed Linux for don't even
>> know what they're good for.
>>
>> If your computer is single-user anyway, why does it need a security
>> subsystem?
>>
>>
>> *eyeroll*
> Having watched this debate I find I must add my own 10c
> I have spent over 30 years working on unix systems starting with xenix, bsd 
> and ending up with linux .....
> We survived quite happily using the well known DAC methods of standard UNIX.
> (UGO - RWX - setuid etc).
> Then I worked on some military systems (high security stuff) and started to use 
> SOLARIS CMW (Compartentalised Mode Workstation) and DEC MLS (Multi-Level-
> Security).
> These both use the same (probably not as up to date) MAC security via 
> labelling as (I guess) selinux.
> I can truthfully say I loved UNIX in all its forms until coming across CMW & 
> MLS and now SELINUX - then basically - I wanted OUT!.
> They are horrendous; if you start to use labelling in earnest - absolutely 
> suicidal!!! - unless you have a real motive - ie you work for the security 
> services or a bank or something  and have a massive amount of time to devote.
> Why do the selinux guys have to force MAC onto all linux users - even 
> hobbyists?
> Its getting like some kind of religion!
> 
> Andy
> 
> Andy
> 


Perhaps it's more pragmatic, something like
Free feEDback frOm useRs Arangement
F      ED       O     R  A
by Red Hat for the purposes of RHEL,
and there lies a profit, right.

Without it, maybe you could say Grsecurity is optimal model for Fedora.