SElinux

[Craig White]

On Mon, 2006-04-03 at 09:21 +0200, Eugen Leitl wrote:
> On Sun, Apr 02, 2006 at 08:08:42PM -0300, Jacques B. wrote:

> SELinux has no business running on a user desktop (=kitchensink) 
> if the policy is not well maintained. Things like RSBAC/grsecurity/SELinux+PaX
> can be useful on a server.
----
if Windows exploits are any indication, it is primarily desktop systems
which are the target for malware that infects the system for nefarious
purposes. Why? Because the users are often not knowledgeable, run with
elevated privileges, travel to web sites that attempt every conceivable
exploit in a plethora of scripting languages, etc.

The policy updates from Fedora have been frequent and are automatically
installed/applied

Craig