SELinux last straw
Les Mikesell
lesmikesell at gmail.com
Wed Oct 17 19:57:54 UTC 2007
Arthur Pemberton wrote:
>>>
>> The shortcut test is to su to the user in question and try to access the
>> file/device. The only slightly more complicated way is to walk down the
>> path looking at the permissions for user/group/other on the file and the
>> directories above.
>
> Well, these "traditional" methods didn't work for your friend Karl,
> since he was hacked with them.
Perhaps he had a false sense of security from the supposed other layers
claimed to be present, when paying attention to the obvious would have
been more beneficial. That's the main reason I question the value of
SELinux in the first place. It doesn't come into play unless you have
already made a mistake with the simple things and it diverts attention
and makes it appear to be unimportant to get those things right.
--
Les Mikesell
lesmikesell at gmail.com
More information about the fedora-list
mailing list