On Wed, Sep 01, 2010 at 00:14:09 +0900, Takehiko Abe keke@gol.com wrote:
;;; sorry other one goes straight to you
Linus is not exactly famous for his ability to understand security concepts. I find the fact your argument is produced by google and cut/paste rather than technical material ... enlightening
Well, please educate me. All I hear from advocates is "more security" without a concrete example. You mentioned the danger of emails get stolen without SELinux. Please give me the scenario. So we can gauge the risk.
If you read email you need selinux. If you read email with a client that fires up plugins to read special content (e.g. html, pdfs, flash) then you really need selinux.
If you use a web browser to view more than a short list of trusted sites, you need selinux.
If you run network services accessible from outside the machine then you need selinux.
If you run binaries from semitrusted groups (this includes most commercial software) then you need selinux.