On Sun, May 23, 2004 at 01:58:20PM -0700, Rami Saarinen wrote:
....
> (audit is new to me, I assume it has something to do with
selinux?).
> Below is a bit of messages log created during the boot.
....
Oh, just as I had posted this message I found the "Fedora Core 2
test2
SELinux FAQ" at
http://mindstorm.ath.cx:8080/fedora-docs/selinux-faq-en/
That clears out many questions, but does anyone have any good reasons why
I should have SELinux turned on? The machine is connected to the internet
just few hours a day and I have all the services off on the
system-config-securitylevel.
At this point a single user machine with all service connections
turned off there is no compelling reason to run SELinux.
The whole purpose of SELinux is to place limits on applications and
users to improve the security of user data and compartmentalize
activities. It it is only you why bother because there are no groups
or activities to isolate. So except for education and caution why
bother.
However in the context of large user count machines and large
enterprises SELinux will find a home.
For me the education part is important.
--
T o m M i t c h e l l
/dev/null the ultimate in secure storage.