[CentOS] SELinux - way of the future or good idea but !!!

Wed Dec 8 22:11:23 UTC 2010
Warren Young <warren at etr-usa.com>

On 12/8/2010 8:21 AM, Lamar Owen wrote:
> On Tuesday, December 07, 2010 06:29:44 pm Les Mikesell wrote:
>> And if you can't get the simple version right, how can you hope to
>> do it right with something wildly more complicated?
> Alright, pray tell how I, a desktop Linux user,...

Let's not drag the desktop user into this discussion, too.

Long experience has shown that when Joe User tries to do Thing X and is 
prevented, then a popup appears that in effect says "run this command to 
make this popup go away and allow Thing X to happen", THEY WILL RUN THE 
COMMAND.  It's so reliable an effect that you could make a killing if 
any bookie were stupid enough to let you bet on it.

I have a one-word reply pre-prepared for anyone who disagrees: botnet.

Please, let's keep this thread centered on professionally-managed 
servers, the focus of CentOS, and thus hopefully this list.  There is at 
least hope in that world that something like SELinux could actually be 
applied successfully.