Re: A great article on why to use SeLinux

---

• From: Thompson Freeman <tfreeman@xxxxxxxxxxxxxxxxxx>
• Date: Fri, 29 Feb 2008 09:48:09 -0500

---

On 02/29/2008 09:32:06 AM, Patrick O'Callaghan wrote:

On Fri, 2008-02-29 at 08:41 +0000, klybear wrote:
> On Thu, 28 Feb 2008 09:31:05 +0900, John Summerfield
wrote:
>
> > The only penetrations I've seen arrived by ssh. I
don't think selinux
> > would have helped there; the sorts of restrictions I
can think of would
> > also prevent the user from doing what users ought be
able to do such as
> > download stuff (including email), sending email and so
forth.
>
> I'm new full time linux user, having temped with one or
two distros in
> the past, and I have to say that my experience of
selinux has been
> frustrating. I never had any Selinux issues with Ubuntu
or Debian, but
> since using Fedora, three of the four problems I've
solved so far turned
> out to be related selinux permissions and the fourth one
I'm still
> working on :)

AFAIK Selinux is disabled by default in Ubuntu and Debian.
Note that you
can also disable it (or limit it to warnings) in Fedora.

AFAIK, Ubuntu is applying Apparmour(sp??), not selinux. IMHO apparmour has some security value but not a whole lot due to a more limited coverage. YMMV of course, and I'm making no warrentee or anything else here.

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

---

• Follow-Ups:
  • Re: A great article on why to use SeLinux
    • From: max bianco

• References:
  • A great article on SeLinux
    • From: Jim
  • Re: A great article on why to use SeLinux (was: a great article on SeLinux)
    • From: Lamar Owen
  • Re: A great article on why to use SeLinux
    • From: John Summerfield
  • Re: A great article on why to use SeLinux
    • From: Patrick O'Callaghan

• Prev by Date: Re: A great article on why to use SeLinux
• Next by Date: laptop into access point?
• Previous by thread: Re: A great article on why to use SeLinux
• Next by thread: Re: A great article on why to use SeLinux
• Index(es):
  • Date
  • Thread

---

Relevant Pages Request Regarding the "Remove SELinux" Thread ... I, as a committee of one, have gotten tired of deleting the "Remove SELinux" thread, which has, is, and will continue to go nowhere with great noise and dust but no visible value. ... Under the GPL, I believe this is your right (less the pretty pictures/icons from Fedora, but the originals should still be available.) Respin, and reinstall. ... Alternatively, Ubuntu, SuSe, Gentoo, and a whole raft of others are available. ... (Fedora) Re: Request Regarding the "Remove SELinux" Thread ... politely explain SELinux to you, both how and why, for several days. ... Or not using Fedora. ... special 'Mike' DVD to install without SELinux. ... Those that hail back to the Bob Young days, ... (Fedora) Re: Request Regarding the "Remove SELinux" Thread ... politely explain SELinux to you, both how and why, for several days. ... Or not using Fedora. ... special 'Mike' DVD to install without SELinux. ... ..the Sin of Ignorance, ... (Fedora) Re: "Many" happy selinux users nowadays ... nobody would name it "infection". ... Many Fedora users, have had encounters/clashes with SELinux, so at least ... (Fedora) Re: How NSA access was built into Windows ... there has been an element of chat since way before Fedora came ... The plonk was for the 'Selinux is evil' thread not this list. ... The sky is falling!! ... (Fedora)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint

linux.derkeiler.com  > Mailing-Lists  > Fedora  > 2008-02