On Sun, May 23, 2004 at 01:58:20PM -0700, Rami Saarinen wrote: .... > > (audit is new to me, I assume it has something to do with selinux?). > > Below is a bit of messages log created during the boot. .... > Oh, just as I had posted this message I found the "Fedora Core 2 test2 > SELinux FAQ" at http://mindstorm.ath.cx:8080/fedora-docs/selinux-faq-en/ > > That clears out many questions, but does anyone have any good reasons why > I should have SELinux turned on? The machine is connected to the internet > just few hours a day and I have all the services off on the > system-config-securitylevel. At this point a single user machine with all service connections turned off there is no compelling reason to run SELinux. The whole purpose of SELinux is to place limits on applications and users to improve the security of user data and compartmentalize activities. It it is only you why bother because there are no groups or activities to isolate. So except for education and caution why bother. However in the context of large user count machines and large enterprises SELinux will find a home. For me the education part is important. -- T o m M i t c h e l l /dev/null the ultimate in secure storage.
