On 11/28/10 1:06 PM, Jorge Fábregas wrote: > > There has been a lot of progress with SELinux lately. I think you should > reconsider your position and perhaps give it a try on the upcoming CentOS 6 > where the targeted policy is much matured. SELinux has been around many years now. Are there any objective metrics we can observe instead of having people rant about their own opinions here? Things like: Number of bugs posted against SELinux itself. Measured hours of effort to learn the system well. Ratio of security breeches expected on systems that do/don't include SELinux. Lists of 3rd party apps that do/don't work with SELinux. Without those, it's all handwaving and if there aren't any real metrics it's fair to assume the value isn't worth the trouble you can expect. -- Les Mikesell lesmikesell at gmail.com