Posted Jul 10, 2008 6:53 UTC (Thu) by khim
In reply to: SELinux conceptual complexity
Parent article: SELinux and Fedora
Take a look on frustrated user just above. Biggest problem with SELinux was not the fact that it's complex but simply the fact that it works differently then plain Linux.
I could not get postgres to start, even though I've installed it that way dozens of times is THE ONLY real problem with SELinux - but any security solution which will allow you to do things in exact same way you did it "dozen of times" is totally, utterly USELESS. Because security solutions are designed to stop attacker and till we'll have reliable telepathy-based function is_Attacker(3) security solutions will hurt admins from time to time - or will not hurt attackers at all...
to post comments)