taharka escreveu: > Mike McCarty wrote: > >> I went and read the FAQ on selinux, especially the sections >> on FC2 since that is what I run. I have yet to read *why* >> one would want to run selinux on a machine like mine. The >> FAQ has a question which supposedly addresses this question, >> but there seem to be many presumptions about the system >> on which Linux is installed inherent in the answer, some >> or perhaps all of which do not seem to apply to my system. >> >> In short, they presume that there is some way that software >> gets onto my system without my being aware of it, but do >> not specify any means by which that might take place. >> >> Since the issue of how the "malware" gets onto my machine >> is completely bypassed, I consider the answer given in the >> FAQ to be, well, significantly incomplete. >> >> And augmenting the answer with "We don't know how it might >> get onto your machine" is, IMO, not an adequate answer. It >> begs the question. >> >> What I mean is, I ask "Why should I run selinux?" The answer >> then seems to be "We don't know, but if you don't bad things >> might happen to your system due to malicious programs." >> >> Mike > > > If you're interested, there's an excellent read on selinux, in the > August issue of "Sys Admin Magazine". Fortunately, this article can be > read online at: http://www.samag.com/documents/s=9820/sam0508a/0508a.htm > :-) Might make things a little clearer for you ;-) > > taharka > > Lexington, Kentucky U.S.A. > Hello, see too "The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments" (http://www.nsa.gov/selinux/papers/inevit-abs.cfm) Vinicius.
