On Sat, 2006-04-01 at 17:48 -0800, Kam Leo wrote: > On 4/1/06, Craig White <craigwhite@xxxxxxxxxxx> wrote: > > On Sun, 2006-04-02 at 03:01 +0300, Caser wrote: > > > Hi to all, > > > is there any risk if i disable SElinux > > > i have only one user (of course with root) > > ---- > > SELinux is not just about systems with local account access but about > > security layering so that if one element is broken, the machine isn't > > necessarily completely compromised. > > > > Is there any risk if you disable SELinux? Yes > > > > Should you care is the question you are apparently asking - and the > > answer I would give you is yes but it's a determination you have to make > > yourself. > > > > Craig > > > > With SELinux disabled Fedora Core is no better nor worse in regards to > security than other Linux distributions such as SUSE, Debian, or > Ubuntu. In other words, assuming SELinux in the only thing that makes Fedora security better, turning off SELinux would it no better than SUSE, Debian or Ubuntu and if you turn off outgoing filters to a firewall then you are no worse than Windows and thats the problem with defining yourself in terms of the competition. Whether SELinux is good for security of your system is better understood but reading about the problem that is trying to solve which pretty much applies to any kind of system. http://fedora.redhat.com/docs/selinux-faq-fc5/#id2730692 If you like a screencast, http://www.redhat.com/v/swf/SELinux/ Other references at http://fedoraproject.org/wiki/SELinux/ Rahul
