[GLLUG] SELinux

John Hearns john.hearns at streamline-computing.com
Mon Mar 7 10:47:48 UTC 2005


> A while back we failed to have a reasoned debate about SELinux - ie
> no-one said anything!  I thought I'd raise it again...
>
> Summary:
>
> Agk claimed that all professional linux sysadmins will need to
> understand it as it becomes mainstream over the next year or so.
>
> A counter opinion was raised - this is unlikely; SELinux is  "an
> over-engineered, non-Unix solution to a problem that affects a tiny
> minority of high-end systems."
>
> We're too old-fashioned to use SELinux - we're still running 2.4
> kernels - but what are other people's experiences and/or opinions?
Good question.

I did the SELinux tutorial which Alisdair organised at the UKUUG meeting
in Leeds last year.
I for one was grateful for all the help that Redhat gave during the tutorial!

I think it is difficult. And its one of these things you'll need to work
with for a period of time before it 'clicks'. I've forgotten everything I
learned on that tutorial. One thing shat did stick in my mind was we built
a system wich root could not do a reboot (deliberately).


My take is SELinux is coming, and will be important.
However, I think it will take longer than expected, as most people
(probably me included) will see it as a barrier to getting something
working quickly - which is always the pressure in IT.




-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list