Personal firewall replaced by SELinux ?
David Balazic
david.balazic at hermes.si
Tue Apr 20 12:29:51 UTC 2004
Hi!
Since SELinux can control network access, is the personal firewall ( the
thing that is installed in simple workstation
install, since FC1 IIRC, I don't know what its name is, I believe it is the
kernel packet filter ) obsoleted by it ?
With other words, can SELinux give the same (or mostly same) functionality ?
Note that I am not talking about any routing setup, but a single
workstation/server with a single network interface.
IMHO, putting a single line of check into the listen() function is much more
elegant than a complex packet analyzer
with its complex rules.
Regards,
David
P.S.: If this was already discussed, I apologize and ask you just to point
me to the existing discussion.
----------------------------------------------------------------------------
-----------
David Balazic mailto:david.balazic at hermes.si
HERMES Softlab http://www.hermes-softlab.com
Zagrebska cesta 104 Phone: +386 2 450 8851
SI-2000 Maribor
Slovenija
----------------------------------------------------------------------------
-----------
"Be excellent to each other." -
Bill S. Preston, Esq. & "Ted" Theodore Logan
----------------------------------------------------------------------------
-----------
More information about the fedora-test-list
mailing list