secure shell system
Stuart Jansen
sjansen at buscaluz.org
Sun Apr 18 22:46:52 MDT 2010
On Sun, 2010-04-18 at 20:30 -0600, Tod Hansmann wrote:
> I do avoid selinux, because I have never seen much of a need for it.
> Always seems to cause problems with a load of things I want to do with
> my server and working through them, while not impossible by any means,
> takes more time than I want to spend on the minor security buffs it offers.
Red Hat publishes regular reviews of RHEL vulnerabilities, their
severity, and how long it took for a fix to be released. An interesting
pattern has emerged. All of the most critical vulnerabilities become
either non-issues or significantly less important if SELinux is enabled.
I consider that a significant advantage, not a "minor security buff".
http://magazine.redhat.com/2009/03/10/risk-report-four-years-of-red-hat-enterprise-linux-4/
http://www.google.com/search?q=red+hat+risk+report
--
"XML is like violence: if it doesn't solve your problem, you aren't
using enough of it." - Chris Maden
More information about the PLUG
mailing list