SELinux
Takehiko Abe
keke at gol.com
Tue Aug 31 23:29:25 UTC 2010
;;; sorry again -- my thunderbird habit does not work for your message
>> Well, please educate me. All I hear from advocates is "more
>> security" without a concrete example. You mentioned the danger of
>> emails get stolen without SELinux. Please give me the scenario. So
>> we can gauge the risk.
>
> Simple example. Daemons running under selinux can only access the
> things they are expected to be accessing. So if I was to crack your
> httpd [...]
I am sorry, but I assumed a desktop system all along. I believe that
is clear when I say that SELinux is not necessary for most. The
comments I quoted are /not/ about servers too.
And from the context it was clear that you talked about a browser
exploit when you said "its much harder to steal all my email, run off
with my credit card data or just be a nuisance."
I assume you know the chances that an average linux user actually get
exploited in that way is very low.
More information about the users
mailing list