non C based environments can have problems
Posted Jan 19, 2007 18:19 UTC (Fri) by janfrode
In reply to: non C based environments can have problems
Parent article: LCA: How to improve Debian security
> And SELinux does seem to be too complex for me to say if a certain configuration is secure or not.
As SElinux doesn't grant you any additional privileges over what you have on a non-SElinux enabled system, you should be able to say if a certain system is secure in the traditional UNIX configuration -- and additionally get the benefit other peoples work on further restricting the targeted applications. Think of it as dropping privileges, only on a system level.
to post comments)