Somebody needs to inform Mr. Cox that when the automakers used his reasoning and turned on the airbags with no option to turn them off a lot of people, mostly children and smaller women, DIED. That is why all new vehicles (at least in the US, perhaps the UK government prefers to keep killing people in the name of political doctrine) have airbag kill switches for the passenger seat. So yes safety features do need to consider balance. I know I tend to switch the damned thing off after the first couple of failures, because in enforcing mode most machines are useless and in permisive /var/log/messages is useless because of the noise. Too much junk in the logs can cause other problems to be missed. SELinux is great if you are building a server running a locked down set of processes and your use happens to actually run under SELinux with only a few rounds of the SELinux Troubleshooter giving out incomprehensible incantations to say at a root terminal, reboot and try again. I have been running Linux/UNIX/OS-9 since the freaking 80's and totally understand the UNIX security model, but SELinux is so alien to UNIX thought that I haven't a clue how to modify it. I even tried wading through the O'Reilly SELinux book and just didn't get it. I suspect that I'm not alone.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds