selinux eradicator?

Rahul Sundaram sundaram at fedoraproject.org
Fri Jun 29 00:39:38 UTC 2007


Mike McCarty wrote:

> 
>>> Until such time, efficacy in loading or not loading SELinux
>>> to achieve enhanced security is a matter of conjecture, opinion,
>>> and personal preference.
>>
>> It is very much not conjecture. Use any good search engine and do your 
>> own research rather speculate. One point that should be noted is that 
> 
> You mean like these security vulnerabilities introduced by SELinux:

These vulnerabilities do not support your point that it is merely 
conjecture as long as there are provable advantages which it has. Are 
you going to argue that we should disable PAM and iptables because 
security issues have been found on them? I guess not.

> Also agreed that it is an additional security measure, though I wouldn't
> use the term "layer".

Why not?

> Spoken by a True Convert.

If you can't keep the argument technical you would do well by not 
participating in the discussion. Dragging this discussion to focus on me 
is completely unwarranted.

Rahul




More information about the fedora-list mailing list