Lamar Owen wrote:
On Tuesday, November 30, 2010 01:55:11 pm m.roth@5-cent.us wrote:
<snip>
However, there are a ton of apps out there, and almost no developers who have been earning their living as programmers, who have any knowledge of selinux. Case in point: something here, developed in-house over the last 10-12 years, lots of cgi. Another case: Computer Associates' SiteMinder, big bucks commercial product.
CA should know better, and if they are targeting RHEL commercially they should be supporting the default RHEL configuration.
Right. So, hey, do you have the rights to call CA and lean on them? Please? I can barely get the network folks, who actually can contact them, to understand selinux (I think of them as operators, not sysadmins).
And I notice that you don't address the other point, all the in-house apps, and if you think management will say "sure, spend whatever it takes to rewrite that so it conforms to selinux...", you're living in somewhere I don't. And just about everywhere I've worked, both as a developer and as a sysadmin had a *lot* of in-house apps.
mark