[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: How best get rid of SELinux?



Arthur Pemberton wrote:

I either run it (in targeted mode) or I don't - I do on servers, don't
on desktops/laptops

Then we are agreed on this point, at least: If SELinux has benefit,
then it is still an installation dependent issue whether the
cost outweighs the benefit, or vice versa. I have a desktop which
has exactly one LAN connected machine, my firewall. The firewall
on the WAN side is connected exactly to one machine, an ADSL modem.

It does not make sense to install and run software which one does
not ever intend to use. Simply having it on the machine but disabled
makes the machine potentially less secure, but gives no benefit.
Even "disabled", it is present, and code is actively being executed,
though I'm sure much less of it gets executed than otherwise.

Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]