On 03/31/2012 10:31 PM, Min Wang wrote: > hi > > Just wondering if there is any statiscs report of selinxu usages in > production environment? I know some still turn it off. If you have machines purposely serving things to the masses on the Internet, you should take the time to make SELinux work properly on those machines. The thing that SELinux is going to do is to prevent things from running outside the proper contexts. This means that it will, for example, block known PHP exploits even though the machine is vulnerable, etc. For machines not serving content, you can turn it off there if you want. Here is a good FAQ about SELinux: http://docs.fedoraproject.org/en-US/Fedora/13/html/SELinux_FAQ/ And more info: http://selinuxproject.org/page/Main_Page -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20120402/6b5b3607/attachment-0005.sig>