Also wanted to back up dpquigl in response to your #4 point... At absolutely NO point have I ever encountered a response about SELinux from anyone (lists, irc, etc) who was condescending to me or considered my inquires 'simple' or 'stupid'. I think this comment is overly harsh in that regard. Heck, I've learned quite a bit just in the 50+ or so comments here today - thanks again to OFE (Our Favorite Editor, JC for even keeping this topic important, which it is, imho). Lastly, I support SELinux 'policy ON by default'. Kudos to RedHat for being persistent on this matter. I was trained that good policy on *NIX was always 'deny by default, allow by approved request' from well before the SEL era...and default SEL is violating that principle ?...how ?
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds