[CentOS] SELinux - way of the future or good idea but !!!

Wed Dec 1 05:16:44 UTC 2010
Les Mikesell <lesmikesell at gmail.com>

On 11/30/10 9:28 PM, Marko Vojinovic wrote:
> On Tuesday 30 November 2010 20:54:37 m.roth at 5-cent.us wrote:
>> And about apache... most of those attacks are preventable through
>> defensive configuration and coding for httpd itself. Looking to selinux to
>> protect you is very sloppy.
>
> So a guy in a circus, performing acrobatics on a trapeze doesn't actually ever
> need a safety fishnet below, right? All he needs to do is make sure never to
> slip, or fail to catch the trapeze bar while performing. If he isn't sloppy,
> he will never fall. Simple. ;-)

Analogies rarely work well, but this one would be better if you assume the crew 
doesn't have time to do a good job of setting up both the trapeze rigging and 
the net.  Would you rather have a trapeze you can trust or a trapeze and a net 
both badly rigged and likely to break?

-- 
   Les Mikesell
     lesmikesell at gmail.com