It's also used by Android BTW. That means some billion installs. On Tue, Apr 4, 2017 at 8:44 AM, Howard Coles Jr <[email protected]> wrote:
> On Thursday, March 23, 2017 11:53:07 AM CDT Kent Perrier wrote: > > https://stopdisablingselinux.com/ :D > > > > I can only speak to RHEL, but selinux had gotten a lot easier to set up > > with RHEL/CentOS 7. Something gets stepped on by SELinux? Look at > > /var/log/messages. It pretty much gives you the command to run to allow > it > > to work. > > > > On Thu, Mar 23, 2017 at 11:39 AM, andrew mcelroy <[email protected]> > > > > wrote: > > > So to further expand this conversation: > > > https://www.cnet.com/news/novell-lays-off-apparmor-programmers/ > > > http://wiki.apparmor.net/index.php/Gittutorial > > > > > > https://security.stackexchange.com/questions/29378/comparison-between-> > > apparmor-and-selinux > > > > > > grsecurity seems to have fallen out of visibility. > > > > > > On Thu, Mar 23, 2017 at 9:23 AM, Howard White <[email protected]> wrote: > > >> A worthy discussion, indeed. > > >> > > >> I get [ bemused | frustrated ] by the "happy talk how-tos in which the > > >> first instruction is kill off SELinux. Is SELinux a pain? Yes. Can > it > > >> be > > >> made to work? Yes. Is it effective? I have NO idea... > > >> > > >> Howard > > >> > > >> On 03/23/2017 11:11 AM, andrew mcelroy wrote: > > >>> Greetings NLUG, > > >>> > > >>> A recent debate that I am currently having is revolving around using > SE > > >>> Linux in an hardened environment. If anyone on this list deals with > > >>> Government/Military/ Security Critical systems, I have a question. > > >>> > > >>> How wide spread is SELinux or has AppArmor won the day? > > >>> What are your current best practice guides/resources for hardening a > > >>> Linux server. > > >>> > > >>> Thanks. > > >>> > > >>> Respectfully, > > >>> Andrew McElroy > > May be late in the game, but if you run RHV (RedHat Virtualization, or > RHEV 3) > SELinux is needed to protect one Guest from the other apparently. We're > running in on Power8 boxes, and Intel. > Also, on boxes that sit in a DMZ, or are internet facing, we enable > SELinux. > It appears to work, and its not THAT hard, you just have to be aware of it. > > AppArmor is what appears to be running on Linux Mint, what few of those I > have > running, but that's about it. > > anyone with a default install of Fedora will have SELinux running, I > believe. > I usually disable it out of the gate, so I'm hoping that's right. > > -- > See Ya' > Howard Coles Jr. > John 3:16 > > -- > -- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to nlug-talk+unsubscribe@ > googlegroups.com > For more options, visit this group at http://groups.google.com/ > group/nlug-talk?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
