[Discuss] SELinux & IPTables
Richard Pieri
richard.pieri at gmail.com
Wed Apr 2 12:37:26 EDT 2014
Greg Rundlett (freephile) wrote:
> It's rather (annoyingly) humorous that there is a webpage at the NSA
> titled "Current State of SELinux"
> http://www.nsa.gov/research/_files/selinux/papers/x/text8.shtml which is
> a blank white page.
That's funny.
Regardless, my suggestion not to use SELinux has nothing to do with the
NSA. It's because SELinux is the wrong tool most of the time. If you
don't need multi-level access control then AppArmor offers at least as
good protection as the SELinux targeted policy (which was designed to
emulate AppArmor's functionality) in a more easily managed form.
--
Rich P.
More information about the Discuss
mailing list