SELinux survey (was RE: Stupid F7 boot loop)
Ralf Corsepius
rc040203 at freenet.de
Wed Aug 29 16:22:43 UTC 2007
On Wed, 2007-08-29 at 17:09 +0100, Alan Cox wrote:
> > Would any of you out there care to share with me any of your personal
> > experiences with SELinux being useful to you (in any way whatsoever), on
> > a single-user workstation?
>
> I leave it on
On a single-user workstation I'd leave it on, because the real issue
related to SELinux don't occur on single-user workstations, but in
networks, where SELinux tends to interfere with network services.
> and haven't had any problems with it for the past few
> releases.
Well, sometime earlier this week, an SELinux update caused my old i586
to run out of memory during a yum update - but that's definitely not a
typical situation.
I've also observed similar effects to occur during relabeling when with
mock installed (infinite recursions into /var/lib/mock).
> It makes a large subset of potentially exploitable holes turn
> into rather unexploitable ones and that to me is of value.
Ralf
More information about the users
mailing list