Selinux disallows read-only loop mount of a file, but only at boot [SOLVED]
dexter
dex.mbox at googlemail.com
Wed May 6 18:09:55 UTC 2009
2009/5/6 Alan Cox <alan at lxorguk.ukuu.org.uk>:
>> >> Have a good, slow read of this:
>> >> http://kerneltrap.org/OpenBSD/SELinux_vs_OpenBSDs_Default_Security
>> >
>> > Why ?
>> Because he thinks its *crap*
>
> I take it you also use talk radio as your encyclopedia 8) I think SELinux
> is not crap but Gnome is complete pants, but that isn't actually useful
> information either.
>
>> what informed non-random? links have you got?
>
> The SELinux manual is pretty good, the SELinux list has all sorts of
> useful people on it.
Yeah I read the manual back in the day, hell I even wrote my own
policy :-) then concluded this ain't fit for domestic use.
Next time somebody needs their Boolean's all in a row I'll surely tell
them to hit the SELinux list.
But it really isn't the magic bullet y'all like to spout it is e.g it
doesn't do kernel exploits, buffer overflows or prevent the last
redhat/fedora intrusion
SELinux is MIA in all cases. Besides in life & code I don't do
tainted, the NSA are torturing scum. But hey we can at least agree on
something GNOME
really is pants :-)
...dex
More information about the fedora-list
mailing list