BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] SELinux & IPTables
- Subject: [Discuss] SELinux & IPTables
- From: richard.pieri at gmail.com (Richard Pieri)
- Date: Wed, 02 Apr 2014 12:37:26 -0400
- In-reply-to: <CANaytccdL=GFkjcx56yRZvNTjgz0E4EccqEivw1Tmk-NH3yr4w@mail.gmail.com>
- References: <CAM9bQ=hCqhSGMvm2c29Gr5ySwvUVjxkuT-=qJb98PVgi3UXk_w@mail.gmail.com> <533C36D7.8060503@gmail.com> <CANaytccdL=GFkjcx56yRZvNTjgz0E4EccqEivw1Tmk-NH3yr4w@mail.gmail.com>
Greg Rundlett (freephile) wrote: > It's rather (annoyingly) humorous that there is a webpage at the NSA > titled "Current State of SELinux" > http://www.nsa.gov/research/_files/selinux/papers/x/text8.shtml which is > a blank white page. That's funny. Regardless, my suggestion not to use SELinux has nothing to do with the NSA. It's because SELinux is the wrong tool most of the time. If you don't need multi-level access control then AppArmor offers at least as good protection as the SELinux targeted policy (which was designed to emulate AppArmor's functionality) in a more easily managed form. -- Rich P.
- Follow-Ups:
- [Discuss] SELinux & IPTables
- From: gaf at blu.org (Jerry Feldman)
- [Discuss] SELinux & IPTables
- References:
- [Discuss] SELinux & IPTables
- From: jomalloy at gmail.com (John Malloy)
- [Discuss] SELinux & IPTables
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] SELinux & IPTables
- From: greg at freephile.com (Greg Rundlett (freephile))
- [Discuss] SELinux & IPTables
- Prev by Date: [Discuss] SELinux & IPTables
- Next by Date: [Discuss] easy clustering of applications
- Previous by thread: [Discuss] SELinux & IPTables
- Next by thread: [Discuss] SELinux & IPTables
- Index(es):
