[CentOS] SELinux - way of the future or good idea but !!!

Thu Dec 9 00:14:01 UTC 2010
Christopher Chan <christopher.chan at bradbury.edu.hk>

On Thursday, December 09, 2010 03:40 AM, Les Mikesell wrote:

> How many of those use the same commands to
> start/stop/save-current-config?  Where do they keep the configs?  How If
> you deployed applications on all of them, how much time would it take to
> train the operators that do the install and maintenance to deal with all
> the variations?  What if you switch to Solaris or a *bsd version?  These
> aren't so much an issue if you use separate hardware for firewalling as
> when you run the host firewall on every device.
>

> I think it is fine that non-standards-conforming things exist.  I just
> like to avoid them as much as possible myself - and certainly to avoid
> having them intimately intertwined with applications that would
> otherwise be portable.
>

At least you are consistent in not using every layer available to you. 
How about you be more consistent by advocating the non-use of iptables 
and the use of hardware firewall because iptables is non-standard too?

Or rather stop telling people not to use SELinux and iptables on this 
list just because you don't want to use any of these tools because it is 
too troublesome for you and your gang.