SEBSD is dead?
xaero at xaerolimit.net
Mon Dec 20 20:42:56 UTC 2010
On Mon, Dec 20, 2010 at 3:11 PM, David Brodbeck <gull at gull.us> wrote:
> I've seen various HOWTOs about how to craft new rules to permit things
> like this, but many of them seemed to be out of date or referred to
> tools that don't ship with RedHat. Documentation is thin and the rule
> syntax is so cryptic it makes sendmail.cf look like LOGO. It was
> obviously intended to be a "no user serviceable parts inside" sort of
> system, but that only works if your setup is completely standard.
To be perfectly honest ... SELinux has frightening me from day one. For two
1) The government had the fingers in it (I just can't fathom them
contributing positively and constructively to the F/OSS community.
2) Because it was so poorly documented that I couldn't figure it out. All it
did was serve to piss me off and I sought other, tried-and-true methods for
securing my systems.
Beyond this, I've never seen a real and valid use for SELinux ...
More information about the freebsd-questions