SELinux survey (was RE: Stupid F7 boot loop)
Bruno Wolff III
bruno at wolff.to
Thu Aug 30 15:49:06 UTC 2007
On Wed, Aug 29, 2007 at 17:17:12 +0200,
Andrew Kelly <akelly at corisweb.org> wrote:
>
> Would any of you out there care to share with me any of your personal
> experiences with SELinux being useful to you (in any way whatsoever), on
> a single-user workstation?
Currently it limits damages if a network service is compromised.
You might find the guest user policy if F8 more useful. Without SELinux,
giving someone you don't completely trust access to your systems is very
dangerous. The guest SELinux policy will greatly reduce that risk.
I haven't had any serious problems with SELinux on recent version of
Fedora, except when I tried playing with MCS and found that didn't work
in a way that was very useful and I spent a fair amount of effort trying
to remove the MCS labels that got added places I didn't want them.
More information about the fedora-list
mailing list