Jeff Kinz wrote: >> Since SElinux seems to spawned as an intern type project and nothing >> more, what I object to is it being enabled by default. > > IRC most if not all of the features of SELinux (essentially fine-grained > access control systems), Were already up and running in version of UNIX > [Domain-IX] used/built by Apollo Computer in > > > # ### ### ### > ## # # # # # # > # # # # # # # > # ### ### #### > # # # # # # > # # # # # # > ##### # ### ### > > > and earlier. > > Apollo was absorbed by HP a few years later and HP added all their stuff > to HP-UX. And also version of AIX for ES9000 mainframes. On that thing you could completely safely do things like "chown root /usr/bin/vi; chmod 4755 /usr/bin/vi" (or on any other command). Yeah, the process would run as root. But with privileges of user that started it ;-)