FC2: Audit errors on /var/log/messages (SELinux (?) newbie)
T. 'Nifty New Hat' Mitchell
mitch48 at sbcglobal.net
Mon Jun 7 18:20:19 UTC 2004
On Sun, May 23, 2004 at 01:58:20PM -0700, Rami Saarinen wrote:
....
> > (audit is new to me, I assume it has something to do with selinux?).
> > Below is a bit of messages log created during the boot.
....
> Oh, just as I had posted this message I found the "Fedora Core 2 test2
> SELinux FAQ" at http://mindstorm.ath.cx:8080/fedora-docs/selinux-faq-en/
>
> That clears out many questions, but does anyone have any good reasons why
> I should have SELinux turned on? The machine is connected to the internet
> just few hours a day and I have all the services off on the
> system-config-securitylevel.
At this point a single user machine with all service connections
turned off there is no compelling reason to run SELinux.
The whole purpose of SELinux is to place limits on applications and
users to improve the security of user data and compartmentalize
activities. It it is only you why bother because there are no groups
or activities to isolate. So except for education and caution why
bother.
However in the context of large user count machines and large
enterprises SELinux will find a home.
For me the education part is important.
--
T o m M i t c h e l l
/dev/null the ultimate in secure storage.
More information about the fedora-list
mailing list