[CentOS] httpd and krb5.conf
Bryan J. Smith
b.j.smith at ieee.orgThu May 19 12:13:30 UTC 2005
- Previous message: [CentOS] httpd and krb5.conf
- Next message: [CentOS] httpd and krb5.conf
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 2005-05-19 at 08:02 -0400, Doug Koobs wrote: > If you're not familar with Mandatory Access Control, read up on it; > I think that is what SELinux is about. MAC is exactly what SELinux is about. Legacy UNIX permissions and security is DAC, but lacks MAC. It's one of the few details of UNIX design that is a thorn. Otherwise, legacy UNIX design -- over 35 years old -- has been pretty damn good in the age of the Internet. Multiuser by default, execute bit, reliance on file magic, not extensions, write access only to user home directory, etc... Yeah, NT might have MAC. But the majority of Windows applications would be classified as a "root exploit" because they require escalated privileges over what UNIX programs do just to run! Including many of Microsoft's own. -- Bryan J. Smith b.j.smith at ieee.org ----------------------------------------------------------------- Beware of those who define their preference in terms of hate of another option, and not on the positive merits of their selection
- Previous message: [CentOS] httpd and krb5.conf
- Next message: [CentOS] httpd and krb5.conf
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list