Rahul Sundaram wrote:
Andrew Kelly wrote:
At any rate, let's assume that SELinux is mature and ripe, that it
interferes with nothing and there are no more issues with updates and
whatnot. It's landed, and can be deployed without worry.
What exactly do I gain by doing it? What have I protected myself from?
If you understand what SELinux is, the gain is immediately obvious. Here
is a recent article
http://www.redhatmagazine.com/2007/05/04/whats-new-in-selinux-for-red-hat-enterprise-linux-5/
This article doesn't explain whether it follows standards or will always
be a single-supplier non-standard extension. If you are using SELinux,
can you still transparently replace your local disks with network mounts
where the systems hosting the disks are appliances or running some
other OS? If you can't do that today, is the standard published to
permit it eventually?
--
Les Mikesell
lesmikesell@xxxxxxxxx