[CentOS] SELinux threads, cynicism, one-upmanship, etc.

Sat Nov 19 02:02:01 UTC 2005
Preston Crawford <me at prestoncrawford.com>

> On Thursday 17 November 2005 18:53, Preston Crawford wrote:
>> What you said there was really funny. So let's assume said fictional
>> employer Googles to see what Lamar Owen is up to. What's going to look
>> worse, people turning off SELinux or someone getting "perturbed" because
>> someone turned off SELinux? People skills are part of any job usually.
>
> Well, first they're going to wonder why a basketball star is an IT
> Director.

Your name is Lamar Odom?

> What got me perturbed, and still does, is the flippant attitude about the
> security angle.  The lack of doing what is necessary to make the system
> secure and still usable is a real problem; I'm sure the programmer who
> wrote

Fine. People are being flippant. So what? I take my security seriously.
Every CentOS box I run uses SELinux. Others turn it off. I'm not going
home steaming mad because someone else doesn't use SELinux. That's the
issue now. Your reaction. Your overreaction. Your claim that someone
saying SELinux is too difficult to manage now, on the Internet, should
cost them a job. That's the issue now because you made it so.

For the record, I have WEP disabled at home. I just use SSH and MAC
Address Filtering. Should I get turned down for a job because I don't
spend hours and hours of my free time trying to get WPA (a technology that
doesn't yet work properly in my experience) to work with my CentOS-running
laptop? Or do we not sometimes make security decisions based on a triage
of the risk and the time and effort required.

> And perturbed is less intense than annoyed, or 'ticked off' or any number
> of
> other adjectives on the spectrum to livid.  Perturbed is at best mildly
> annoyed compared to livid (yes, I know it means 'greatly disturbed or
> anxious': if the best and the brightest sysadmins are so careless about
> security, no wonder worms are running rampant, and it should be greatly
> disturbing to people that some sysadmins Just Don't Care).

Poor choice of words then, I guess.

Preston