On Sat, 2007-09-22 at 08:50 +1000, Res wrote: > On Fri, 21 Sep 2007, Alan Cox wrote: > > >> so your suggesting we should make ourselves suffer for no reason just for > >> the hell of it? selinux offeres no, i repeat NO advantage over what our > >> normal security is now. > > > > Nobody competent to assess that I know of would agree with that statement. > > You cant know many people, or at least know many that run a myriad of > programs, paying customers get to run what they want, when they want. > > I note you neglected to include and comment on the fact that if a box is > taken it *is* taken and theres not a thing selinux can do shit about it, > sure selinux might be all dandy for some cluless tart who has nfi about > securing their pc and is directly connected to the net, but to large > ISP's its a complete hinderance and nuisance, but since we have ceased use > of all RH products as servers as at EOL of RH9 (the last decent RH > released product) and moved them all to slackware, we dont have any > problem, tried earlier fedoras, but that was never going to last with so > little update maintenance time frames and instability and unreliability > (fair enough as RH have said its not designed for our uses), at least if > we install say sendmail or bind we have one package, not 3 or however > many its up to now, and we dont have it butchered and customised to suite > RH, since the move to Slackware on servers we have not looked back at all > and stability and reliability is excellent, ongoing updates in at least > equal to RHES time frames, in some cases exceeds 5 years, and to see the > the lack of maintenance required, one only has to look at the update repos > for slackware and fedora, granted slackware doesant come with as much as > fedora, nor does it come with gnome anymore, but compare the programs that > it has to fedoras and because of RH's butchering and patching to suite > their way of life (smells more like m$ every day) you can see the > difference. ---- do you have the slightest clue who you are talking to here? since you obviously don't... http://www.google.com/search?hl=en&q=Alan+Cox+Red+Hat+kernel&btnG=Search -- Craig White <craig@xxxxxxxxxxxxx>