>There are valid concerns that it papers over the complexities of securing Linux, providing a
false sense of security.
You use SELinux and when you /think/ you've got your policy right (giving you a sense of
security), there might be still something left that remained open because you could not find
it in that not-papered-over complexity.