On 6/18/07, Stephen Harris <lists at spuddy.org> wrote:
> On Mon, Jun 18, 2007 at 12:18:40PM -0600, Stephen John Smoogen wrote:
> > On 6/18/07, Stephen Harris <lists at spuddy.org> wrote:
> > >I've never said there are _no_ cases for SELinux. I was questioning it
> > >as a general rule for all machines.
> >
> > Several of the problems were machines that were not connected to the
> > internet or were deep behind firewalls. The problems were that all it
> > takes is one user who doesn't think well to make all those
> > firewalls/issues useless. E.g. the person who coming in from work finds
> > a nice shiny USB fob and plugs it into a work computer to see who it
> > belonged to so they could return it. The guy who downloads an
> > [ etc ]
>
> This is why I mentioned "risk profile" in another message. You evaluate
> the perceived risk, the likelihood of the event happening, the cost of
> the event, the "cost" of a potential solution and perform an analysis.
>
> So one might rank the items like this:
>   external facing servers: high risk! Automated attacks possible
>   Desktop work stations: moderate. User stupidity highest attack vector
>   General compute server: low risk. Only "trained" staff have access.
>

I was really grumpy yesterday.. so I just wanted to say that I believe
that in most cases where you are in a low risk.. you might be better
off with selinux in permissive mode versus off. Permissive at least
will give you a fingerprint of what might have gone wrong when the
PFY plugged in that nice shiny USB fob he found next to his car at
lunch.

-- 
Stephen J Smoogen. -- CSIRT/Linux System Administrator
How far that little candle throws his beams!
So shines a good deed in a naughty world. = Shakespeare. "The Merchant of Venice"
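
The "fingerprint" that permissive mode leaves is the set of AVC records in the audit log: accesses the policy would have blocked, logged but allowed. The following is an added example, not part of the original thread, that summarises those records. The log lines, domains and types are constructed, and it assumes the `permissive=` field that newer kernels append to AVC records.

```python
import re
from collections import Counter

# Constructed sample audit.log lines (illustrative only, not from the thread).
SAMPLE_LOG = """\
type=AVC msg=audit(1182276000.101:210): avc:  denied  { read } for  pid=4121 comm="httpd" name="notes.txt" dev=sdb1 ino=18 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:removable_t:s0 tclass=file permissive=1
type=AVC msg=audit(1182276000.340:211): avc:  denied  { read } for  pid=4121 comm="httpd" name="notes.txt" dev=sdb1 ino=18 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:removable_t:s0 tclass=file permissive=1
type=AVC msg=audit(1182276001.002:212): avc:  denied  { name_connect } for  pid=4121 comm="httpd" dest=6667 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket permissive=1
type=SYSCALL msg=audit(1182276001.002:212): arch=c000003e syscall=42 success=yes exit=0 pid=4121 comm="httpd"
type=AVC msg=audit(1182276002.500:213): avc:  denied  { write } for  pid=977 comm="sshd" name="shadow" dev=dm-0 ino=77 scontext=system_u:system_r:sshd_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=0
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return the key=value fields of one AVC denial, or None for other records."""
    m = AVC_RE.search(line)
    if not line.startswith("type=AVC") or m is None:
        return None
    fields = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group("rest"))}
    fields["perms"] = m.group("perms").split()
    return fields

def fingerprint(log_text):
    """Count (source domain, target type, class, permission) tuples that were
    logged but allowed (permissive=1). Enforced denials (permissive=0) and
    records without the field are skipped."""
    seen = Counter()
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if rec is None or rec.get("permissive") != "1":
            continue
        src = rec["scontext"].split(":")[2]  # user:role:type:level -> type
        tgt = rec["tcontext"].split(":")[2]
        for perm in rec["perms"]:
            seen[(src, tgt, rec["tclass"], perm)] += 1
    return seen

if __name__ == "__main__":
    for key, count in fingerprint(SAMPLE_LOG).most_common():
        print(count, *key)
```
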