On Wed, 2006-03-01 at 09:20 -0800, Michael Thomas wrote: > Rudolf Kastl wrote: > > id personally suggest to treat gamedaemons like other daemons and > > create seperate system users for the game server processes. > > A server is a server. Functionality differs but is rather irrelevant > > in my eyes regarding the system users for the services. > I won't argue that it would be more secure, but couldn't security also > be accomplished with an appropriate set of selinux policies? Only if you have selinux enabled. Make it (more) secure FIRST. Then add additional security from selinux. What you don't want is someone ending up insecure just because they have selinux turned off. That's a wrong answer. That's then depending on selinux for your security rather than using selinux to enhance your security. Too many eggs in one basket. > --Mike > -- Mike -- Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw WittsEnd com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
Attachment:
signature.asc
Description: This is a digitally signed message part