M. Fioretti wrote: > > People who say "turn it off" do so because the either don't > > understand what it does OR they don't know how to use it. > > Sure. This could be due to the feature not being sufficiently > documented (see my earlier comments in the thread on ssl, for > example), something that in practice would still make it hardly usable > for all but the most competent, full-time sysadmins. Regardless of how > well it's working or is packaged in any distro. If you're staying with software supplied by CentOS and use the standard paths for apache, postfix, squirrelmail and so on, you probably won't be able to tell that SELinux is turned on. As soon as you're beginning to add software from somewhere else, things can get funny. But even for those solution aren't that far away :) Cheers, Ralph -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20070722/8a4f93b0/attachment-0004.sig>