[CentOS] SELinux threads, cynicism, one-upmanship, etc.
Craig White
craigwhite at azapple.com
Mon Nov 21 15:18:32 UTC 2005
On Mon, 2005-11-21 at 14:15 +0000, Peter Farrow wrote:
> The point was, as its very much beta quality, it should be up to the
> user to ask for it, not have it dropped on them by default.
>
----
not that it's going to change this discussion, but the characterization
that SELinux is 'very much beta quality' might be yours, definitely is
Brian Brunner's and perhaps some others but certainly isn't the
characterization of the upstream provider whose intent is to only
include 'stable' services in their Enterprise product.
In that respect, that characterization is out of line with the upstream
provider.
My own experiences with many servers running RHEL & CentOS with SELinux
set to enforcing mode is that 'audit2allow' lacks a man page. Beyond
that, I have seen nothing to suggest that it is not ready for prime
time.
The only 'beta quality' I am seeing is sysadmins who simply turn it off
because they fear having it enabled since they know absolutely nothing
about it which means that there is a lack of informed people capable of
answering questions. Thus the beta quality tag probably refers more to
the participants of this list than the security services provided from
upstream provider.
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the CentOS
mailing list