How best get rid of SELinux?
Alan M. Evans
fedoralist at alanevans.org
Fri Sep 21 14:24:23 UTC 2007
On Fri, 2007-09-21 at 05:44 -0600, Karl Larsen wrote:
> This whole thing reads to me that SELinux is the linux version of
> Norton or Avguard to Windows. It will capture and keep the offending
> file from doing it's worst.
Well then, you're reading it wrong. That's not what SELinux does.
> My friends with Windows cuss both software because it makes a mess
> out of doing normal things like installing new software.
>
> There are very few Linux users. There are millions of Windows users.
> A guy writing a virus will write it for Windows every time! Now days
> they are spending time in prison.
It's not like root exploits don't happen in Unixland. The same guy might
write a trojan that attempts to fool the web server into providing
access that that server should never need to have access to. Or he might
exploit a bug in Firefox for the same purpose. This is what SELinux is
for.
Not dealing with potential security risks because, at present, Linux
seems like a small target sounds rather like burying our heads in the
sand.
> So I decided to turn off SELinux even though it was not the thing to
> do according to the loader. I am glad I did so. I don't need the Norton
> problem on my F7.
Aren't you glad you have that prerogative? For your sake, I hope that
the authors of all the programs you do use perform thorough security
audits.
More information about the users
mailing list