FC6 Im impressed
Thomas Sprinkmeier
thomas.sprinkmeier at gmail.com
Tue Nov 14 04:39:34 CST 2006
On Tue, 2006-11-14 at 14:00 +1030, Adam Hawes wrote:
> > Just a couple of observations:
> >
> > SElinux, there seems to be a general consensus to disable it.
>
> It's a useful tool. If it were configured properly it would catch a lot
> of things that aren't otherwise caught. Its audit logs do cause some
> performance hit, since it is auditing every single (or almost every)
> system call.
Useful, but not appropriate for everyone.
Security is a trade-off, and I believe that for some/most desktops the
added security of SELinux is not worth the effort of configuring it.
Servers may be a different matter, of course. A 'net-facing webserver
should probably use SELinux.
> Unfortunately and fortunately, as the case may be, the Linux world is
> about being able to make your own distro and choice. It's great to have
> so many choices. It's a bit sad that from an end user perspective they
> all look much the same with their Gnome or KDE installs. Most users
> coming from Windows land don't understand that the look of the GUI is
> not even half of it.
reminds me of:
"OSS offers freedom of choice, while most users want freedom from
choice".
Personally I think that choice is great, but I'm not most users :-)
> I settled on and recomend Fedora some time ago and thought I'd try
> Ubuntu a while back. I'm back to sticking with Fedora 'cos it works
> well for what I and a lot of people I know want.
RHES for the CYA factor fro servers
Fedora or Ubuntu for desktops (I like Fedora, but Ubuntu/apt seem much
more low-bandwidth friendly for those of us stuck with dial-up).
$0.02
Thomas
More information about the linuxsa
mailing list