On Tue, Apr 04, 2006 at 01:51:13AM -0500, Mike McCarty wrote: > >I guess it's a throw out the baby with the bathwater thing. > > [snip] > > I consider it throwing out the hogwash. IMO, SELinux is a > wrong-headed approach to security. I disagree. Things like SELinux/RSBAC/grsecurity+PaX can add a further defense layer in system hardening. However, policies need to be well-maintained in order for it to work smooth for the end user. Maybe, someday SELinux would work smoothly in a bleeding edge system like FC (does it work in RHEL?). That time however is not yet. -- Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
Attachment:
signature.asc
Description: Digital signature
