Picked out of the getting rid of SELinux thread on this list, originated by me, and now made a thread of its own, also by me -- because, while still as interesting as ever, especially to me, it has broadened enough that people seeking help specifically with SELinux would be apt to overlook it. (Or at least I would.) On Fri, 21 Sep 2007 09:44:37 +0100, Andy Green wrote: [....] I strongly believe > that you can't inherently trust machines on any internal network any > more than those outside. There was an interesting thread about this on > Full Disclosure the other week with some guy going on about how he would > heroically jump in the way of any foreign "cyber attack" from boxes in > $COUNTRY and lend his powers to repelling it, etc. A guy replied > shortly pointing out that the attack comes from the machine next to you, > not some easily identified foreign box. And that is exactly what we see > with worms and viruses. [....] Since the context (I think) involves LANs and suchlike things, you must mean "physically next," not just electronically via the Net, right? Iow, if I run some app that discovers malware on linux boxes, and find some on one of the machines on my desk, it will more likely have come from one of my others that off the Net or the Web, right? But surely that machine here, or some machine here, got it in the first place electronically? I seem to be getting more confused than usual here .... -- Beartooth Staffwright, PhD, Neo-Redneck Linux Convert Remember I know precious little of what I am talking about.