Fedora (again) forces me to disable SELinux
Mark
markg85 at gmail.com
Tue Apr 1 01:33:06 UTC 2008
2008/4/1, Rahul Sundaram <sundaram at fedoraproject.org>:
> Mark wrote:
>
> >
> > I'm interested in trying it out and having a secured linux machine but
> > not this way. Once it's illnesses are fixed (if that ever gets done)
> > and selinux only spits out warnings like every other firewall is doing
> > than i will probably use it by default as well. Just not now because
> > of the reasons i told a few times now.
>
>
> You keep repeating it but note that SELinux is not a firewall and
> doesn't behave like one because it isn't one.
>
> http://fedoraproject.org/wiki/SELinux
>
> Rahul
Reading this: http://www.nsa.gov/selinux/info/faq.cfm#I1 (point 1., 2.
and 3.) reminds me a great deal of Vista's UAC which i also turn off
as soon as i encounter it. If i get the idea (correct me if i'm wrong)
than selinux is isolating a application just like you as a user are
isolated in yout user account. and if a attacker attacks a piece of
software it can only effect that part of the software.. o well if
that's the case than it's more than a firewall indeed but it's still
irritating. Also if i )as a user) run a application and a attacker
strikes that application than the attacker still can't do more than i
as a user can do so it doesn't seem to add that much advantage. But i
might be wrong..??
More information about the fedora-devel-list
mailing list