[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SELinux should be off by default in FC3



Once upon a time, Stephen Smalley <sds epoch ncsc mil> said:
> > For example lftp client understands chmod.   does it understand restorecon?
> 
> Not yet, AFAIK.  Nor will it likely ever if SELinux is disabled by
> default and it remains limited to a very small user community.

That doesn't really have much to do with SELinux being enabled or
disabled; it has more to do with coming up with a standard FTP extension
to handle additional security settings, getting it in an RFC, and
getting software authors to implement it.  It could be done as a SITE
command, but it still needs to be well-specified before anyone would
support it.

The basic fact is that FTP isn't going away for a long time to come.
With things like Kerberos and IPsec or even STARTTLS, FTP doesn't need
to go away.

-- 
Chris Adams <cmadams hiwaay net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]