SeLinux - is it worth it?

Kim Hawtin kim at hawtin.net.au
Wed Sep 10 06:41:54 CST 2014


On 10/09/14 03:15, David Lloyd wrote:
> Usually SeLinux stops me from doing what I intended to do and makes my
> systems UNUSABLE as opposed to SECURE.
>
> If a system is *UNUSABLE**// *it is _USELESS_.
>
> DISCUSS.

There is a sublte difference between trolling and ...

Oh what the hell, yes selinux is a PITA.

Its only really useful on systems that only do one thing and you can 
spend the hours/days/months to tweak all the things that cause 
exceptions. Setting everything with chattr, etc

There is also AppArmour on Ubuntu, same levels of headfsck. I moved to 
Debian to avoid it.

Kim



More information about the linuxsa mailing list