[CentOS] SELinux - way of the future or good idea but !!!

Christopher Chan christopher.chan at bradbury.edu.hk
Thu Dec 9 23:03:29 UTC 2010


On Thursday, December 09, 2010 11:39 PM, Tom H wrote:

>>> SELinux came as a result that someone found weaknesses and wanted to try
>>> avoid security issues. Just like when firewalls began to become so
>>> popular 20-30 years ago or so.  There was a need to improve something,
>>> and someone did the job.  Nobody cared much about firewalls in the early
>>> 80's.  Why?  Maybe because nobody thought anyone would abuse or misuse
>>> the network infrastructure?
>>
>> Does that mean you would not be comfortable moving your applications to
>> SUSE, Solaris, OS X, Windows, etc.?  I don't want that kind of lock-in.
>
> SUSE has apparmor (which it considers equivalent/superior) but you
> probably can install selinux on it (you can on Ubuntu and Debian).
>
> Solaris has Trusted Extensions for MAC and RBAC.
>
> OS X has a Macified version of TrustedBSD.
>
> Windows has UAC.
>
> (In the same way that the last three have their own firewall apps!)

and FreeBSD has TrustedBSD on by default now.



More information about the CentOS mailing list