A great article on why to use SeLinux

Tom Holroyd tomh at kurage.nimh.nih.gov
Sun Mar 2 14:01:55 UTC 2008 

I would also like to take this opportunity to vent about this:

=========
SEE ALSO
       The full documentation for chcon is maintained as a Texinfo
manual. If the info and chcon programs are properly installed at your
site, the command

              info chcon

should give you access to the complete manual.
=========

Guess what? info chcon gives me the man page. So what I am complaining
about is the use of the word "should" in a computer manual, without a
decent try at where to look in case it doesn't.

On Sun, 2008-03-02 at 08:34 -0500, Tom Holroyd wrote:
> On Sun, 2008-03-02 at 13:16 +0000, Marko Vojinovic wrote:
> 
> > It isn't important to understand how it works, but what it does. I see regular 
> > woes about selinux here on the list, mostly from people who didn't bother to 
> > read the manuals (myself included for one thread). Just do
> > 
> > man semanage, man chcon, man restorecon
> 
> Those are useful pointers, thanks.
> 
> > and find out that the whole thing behaves just as another layer of file 
> > permissions.
> 
> Some of the rules in selinux concern bad programming habits. It's not
> quite the same as permissions, because there is a choice; when something
> breaks, do I complain to the person who wrote the program? Yes, I
> should, but this doesn't solve the problem, it still doesn't work. Or
> should I chcon or do some other magic that makes the problem go away?
> The problem is still there, though. Yes, I should actually do both of
> these things. Of course, in my environment there is a big firewall
> around the whole place, and my little network doesn't see these threats.
> So it's not quite the same as permissions. It's more, this pile of
> software, which we cannot do without, despite that it was badly written
> ten or fifteen years ago but with good intent, needs to work please,
> now.
> 
> Dr. Tom
> --
> It is nobler to declare oneself wrong than to prove oneself right,
> especially when one is right. Only, one must be rich enough to do so.
> Thus spoke Zarathustra.
> 

Dr. Tom
--
Awake and listen, you that are lonely! From the future come winds with
stealthy wings, and to subtle ears good tidings are proclaimed. Thus
spoke Zarathustra.

More information about the users mailing list