[CentOS] selinux stuff - I just don't get

Les Mikesell lesmikesell at gmail.com
Mon Nov 14 15:56:08 UTC 2005

On Mon, 2005-11-14 at 08:29, Jim Perrin wrote:
> >
> > Selinux just adds bloat that we've managed without for many many years.
> >
> We used to manage just fine with telnet for many many years also, and
> these days I wouldn't think of running accessing a machine via telnet.
> If you don't change with the times, you're going to get steamrolled by
> them.

But note that there have been times that having ssh enabled exposed
your system to additional exploits. 

> Another layer of complexity to allow another layer of
> > holes/backdoors/exploits.
> Given the organization who gave us selinux and their dire need for
> security, I get the feeling it'll block many more problems that it
> allows, just as ssh did.

Except for the versions of ssh that allowed exploits...

  Les Mikesell
    lesmikesell at gmail.com

More information about the CentOS mailing list