SELinux

Kostas Sfakiotakis kostassf at cha.forthnet.gr
Fri Jan 21 16:03:20 UTC 2011


On 21/01/2011 07:02 πμ, James McKenzie wrote:
>  On 1/20/11 2:30 PM, Kostas Sfakiotakis wrote:


>  As Tim said: You are not only affecting yourself but by default
>  every other user of the Internet if you get infected with a
>  virus/worm/trojan horse/spyware.

As  i wrote to Tim a minute ago did i read an IF over there ???
Since as u say it´s IF and WHEN i get infected then i will
cause problems to others.

>  SELinux is designed to prevent that level of stupidity.
 >Sorry, but you have to read through several RFCs to understand
 >your ability to screw things up royally when you are on
>  the Information Superhighway. Please take time and read RFC 1087.
>  It basically spells out YOUR responsibilities when driving there.

I would gladly take some pointers . As  for RFC 1087 since i don´t
think that i have a local copy of it but i guess rfc-editor has .
I will get a copy of it in a couple of hours since now i have to run to 
work .

>  How would you feel if failure to use SELinux infects hundreds
 > if not thousands of systems with a virus?

Not very well i guess .

>  How would you feel if not using SELinux saves your work from being
>  inadvertently destroyed?

Well i never stopped using SELinux , just in case something that
SELinux  was doing something good and i didn´t have an idea about it .
For this particular subject that I opened the thread in the first place
besides disabling execstack with the information provided in this very
thread ( on all system libraries , not just those of Acrobat Reader ) i 
just
updated  my computer since that would probably resolve the issue ( well
that was suggested and it actually resolved the problem ) . Don´t
take me wrong if i was aware of all the RFCs that u mention above i would
gladly take time and read them . But since my normal work doesn´t have to
do with RFC studying i am not doing it . Do also consider that if am 
unaware
that something is out there then am not going to prevent myself  from
running into it .






More information about the users mailing list