[CentOS] SELinux - way of the future or good idea but !!!
Christopher Chan
christopher.chan at bradbury.edu.hk
Thu Dec 9 23:03:29 UTC 2010
On Thursday, December 09, 2010 11:39 PM, Tom H wrote:
>>> SELinux came as a result that someone found weaknesses and wanted to try
>>> avoid security issues. Just like when firewalls began to become so
>>> popular 20-30 years ago or so. There was a need to improve something,
>>> and someone did the job. Nobody cared much about firewalls in the early
>>> 80's. Why? Maybe because nobody thought anyone would abuse or misuse
>>> the network infrastructure?
>>
>> Does that mean you would not be comfortable moving your applications to
>> SUSE, Solaris, OS X, Windows, etc.? I don't want that kind of lock-in.
>
> SUSE has apparmor (which it considers equivalent/superior) but you
> probably can install selinux on it (you can on Ubuntu and Debian).
>
> Solaris has Trusted Extensions for MAC and RBAC.
>
> OS X has a Macified version of TrustedBSD.
>
> Windows has UAC.
>
> (In the same way that the last three have their own firewall apps!)
and FreeBSD has TrustedBSD on by default now.
More information about the CentOS
mailing list