[CentOS] Re: selinux stuff - I just don't get
Bryan J. Smith
thebs413 at earthlink.net
Tue Nov 15 17:17:33 UTC 2005
[ Sorry, I can't bite my lip anymore. ]
Craig White <craigwhite at azapple.com> wrote:
> The first 3 times you said essentially the same thing so
> you must think that we're all so stupid you had to say it
> again.
Apparently I'm stupid too, because "firewalls just work" and
aren't a good comparison in his eyes.
Putting SELinux in "permissive" mode is like the default
"allow all outgoing" in your firewall, which is the default
of SOHO firewalls, which allows most everything to work.
Red Hat Enteprise Linux is an _enterprise_ distro that is
focused for at least the small-to-medium business (SMB), if
not the federal agency or larger enterprise.
So like a typical SMB or enterprise firewall which is
configured with *DENY* all outgoing, RHEL is going to come
with SELinux enabled. If you don't want that, then change
the default to "permissive", just like you would if you had a
SMB or enterprise firewall to allow everything out by
default.
Otherwise, consider a SOHO distro, just like you purchase a
SOHO router. It's not about "broken," it's about who the is
designed for. ;->
--
Bryan J. Smith | Sent from Yahoo Mail
mailto:b.j.smith at ieee.org | (please excuse any
http://thebs413.blogspot.com/ | missing headers)
More information about the CentOS
mailing list