How best (BUT WHY) get rid of SELinux?
Ric Moore
wayward4now at gmail.com
Thu Sep 27 04:12:12 UTC 2007
On Tue, 2007-09-25 at 23:14 -0500, Bruno Wolff III wrote:
> On Tue, Sep 25, 2007 at 16:28:52 +0200,
> GNUGravity <no-reply-gw at fcp.surfsite.org> wrote:
> >
> > 2) Who would need this? I operate in the forensic world and I can tell you that network security should have the highest priority. This applies specifically for organizations with personal data (ssn, dob, etc), HIPAA requirements, financial particulars including credit card numbers, and vet and military records. Everyday you can read about breach after breach in the journal.
>
> They are working on labelling of packets based on ipsec information that
> should allow trust relationships between computers enforced by SELinux.
NOW you've got my attention. I actually need something just like that.
As a matter of fact, if you could REALLY lock down the front porch,
restricting service to just your subnets, and a local DNS server, you
wouldn't need the guards inside to be set strict? As much? Tell me about
this... inquiring minds want to know. What's the real deal? Ric
--
================================================
My father, Victor Moore (Vic) used to say:
"There are two Great Sins in the world...
..the Sin of Ignorance, and the Sin of Stupidity.
Only the former may be overcome." R.I.P. Dad.
Linux user# 44256 Sign up at: http://counter.li.org/
http://www.sourceforge.net/projects/oar
http://www.wayward4now.net <---down4now too
================================================
More information about the fedora-list
mailing list