[CentOS] SELinux - way of the future or good idea but !!!

Les Mikesell lesmikesell at gmail.com
Sun Nov 28 14:28:17 EST 2010


On 11/28/10 1:06 PM, Jorge Fábregas wrote:
>
> There has been a lot of progress with SELinux lately. I think you should
> reconsider your position and perhaps give it a try on the upcoming CentOS 6
> where the targeted policy is much matured.

SELinux has been around many years now.  Are there any objective metrics we can 
observe instead of having people rant about their own opinions here?

Things like:
    Number of bugs posted against SELinux itself.
    Measured hours of effort to learn the system well.
    Ratio of security breeches expected on systems that do/don't include SELinux.
    Lists of 3rd party apps that do/don't work with SELinux.

Without those, it's all handwaving and if there aren't any real metrics it's 
fair to assume the value isn't worth the trouble you can expect.

-- 
   Les Mikesell
    lesmikesell at gmail.com


More information about the CentOS mailing list