[CentOS] SELinux - way of the future or good idea but !!!
Warren Young
warren at etr-usa.com
Wed Dec 8 22:01:04 UTC 2010
On 12/8/2010 3:04 AM, David Sommerseth wrote:
> it is still not recommendable to trade security for simplicity.
Security is never an absolute, is *always* a tradeoff against simplicity.
We could store our servers 16 feet underground and encased in concrete
to prevent tampering and accidental power cycling. We don't do that
because union labor makes digging them back out when we really do
intentionally want to power cycle them or perform physical maintenance
impractical.
Security is a continuum. One should rationally choose where along it
one wants to be. There are defensible, rational reasons to choose to
disable SELinux.
More information about the CentOS
mailing list