Jonathan Underwood wrote:
On 17/10/2007, Jacques B. <jjrboucher@xxxxxxxxx> wrote:
SELinux may
APPEAR to be the root cause of all your problems. But it may only be
part of a chain reaction rooted somewhere else on your system.
SELinux may not be the cause, but perhaps the messenger, the visual
cue, the "chain" that you've now developed tunnel vision for and blame
for everything.
Jacques B.
Turn off SELinux and you may actually be simply medicating the
symptoms, not treating the root cause.
Exactly. I find it alarming that when confronted with symptom "SElinux
is throwing lots of warnings and errors that programs are trying to do
things not allowed by their security context" that Karl's first
reaction is to assume that there is a fault with SElinux, rather than
there's a security problem with his machine. For example, if my box
had been hacked, and then SElinux avc's were occurring, I would
seriously consider the possibility that SElinux is correct, but that a
rootkit had been installed on my machine.
First, there were things left by that nasty German. I think I have them all removed now. Since he only had free run of /home/karl it cramped his style I suspect.
Next, it is a FACT that if I turn SELinux OFF, all problems go away. If
I have it turned on there is no problem at all except when I get a
update to SELinux. This triggers the problem. I do not want to live in
fear of another SELinux update :-)
--
Karl F. Larsen, AKA K5DI
Linux User
#450462 http://counter.li.org.