On Sat, 01 Mar 2008 11:43:56 -0800 Konstantin Svist <fry.kun@xxxxxxxxx> wrote: > The worst part is, I had to concentrate to understand > what the page is telling me - and I'm a CS major :P > The average Joe won't even go this far - in other words, he won't > understand how to work with it - meaning it's NOT suited for desktops. How does that differ from any other aspect of Linux? :-). Actually selinux is really simple to understand if you concentrate on the actual reason it exists (not all the so-called benefits that are touted all the time): Government contracts often call for an "advanced security system". The advanced security systems vendors offer in their bids will be often be evaluated by the NSA to see if the system meets the requirements. The NSA wrote most of selinux. QED. All the anti-hacking benefits of selinux can be achieved in a vastly simpler fashion by merely removing the CPU chip(s) from your motherboard, and you'll have a system that is just as useful for getting real work done and just as secure :-).
