On 9/21/07, Timothy Murphy <tim@xxxxxxxxxxxxxxxxxxxxxx> wrote: > Arthur Pemberton wrote: > > >> > Mambo Exploit Blocked by SELinux > >> > http://interactive.linuxjournal.com/article/9176 > >> > >> > >> OK, that is getting nearer; > >> but as far as I can see, the guy in this case > >> was running some kind of web development server (Mambo) on his machine, > >> and a hacker had targeted this particular server. > >> > >> I wouldn't be doing anything so esoteric, > >> so still wouldn't feel in great danger. > >> Also, I was struck by the amount of trouble the man had to go to > >> to work out what had happened. > >> I wouldn't be up to that, so SELinux in this case > >> would be wasted on me. > > > > > > So because you do not deploy such apps, does it make it usless? Or are > > you not one of those who hold that SELinux is entirely a waste of > > time? > > Sigh. > I didn't say SELinux was useless. > I said I run it in permissive mode, > and hope one day to have time and inclination to see what it finds. > > I was speaking purely personally; > I don't feel under imminent attack from anything that SELinux might stop, > just as I don't feel it likely a suicide bomber will target my home. > One has to make a rough internal estimate > of the likelihood of different disasters. > It is 1000 times more likely that my wife will spill coffee on my laptop > than it is that someone will get through my firewall and edit my files. Cool, hence why I put in the 'or' in my question. -- Fedora 7 : sipping some of that moonshine ( www.pembo13.com )
