SELinux on single-user box?
Paul Howarth
paul at city-fan.org
Thu Jun 16 06:59:17 UTC 2005
On Wed, 2005-06-15 at 14:19 -0500, Phillip T. George wrote:
> Ben Steeves wrote:
>
> >Hi Folks,
> >
> >I'm not trying to start a flamewar or anything, this is an innocent question:
> >
> >Is there any compelling reason to run SELinux on a home system that is
> >mainly "single-user" if you are running a well-configured firewall
> >with almost all services turned off or filtered?
> >
> >I notice a lot of posts (the NVidia driver one most recently) that
> >report problems going away when SELinux is disabled. I don't enable
> >it on my home machine for this very reason.
> >
> >
> >
> Ben,
>
> SELinux is not necessary on ANY configuration. We've lived without it
> before :) It is highly recommended, because its ANOTHER level of
> security, but if its just a box at home, I wouldn't worry about it so much.
I have it turned on so that I can gain experience with it, which is
handy when I come to deal with an Internet-connected box where SELinux
has more obvious benefits.
Paul.
--
Paul Howarth <paul at city-fan.org>
More information about the users
mailing list