Admiral Beotch wrote at about 10:41:07 -0700 on Friday, June 26, 2009: > Once I get it all figured out, I'll definitely send the information off to > the packager. Again, excellent catch on mounting the disk to the default > TOPDIR before installing the rpm. I cant wait to try that in a couple days. > > I dont want to fork this thread, but I have a strong stance on this issue > and I see it getting ignored a lot on many forums... SELinux is an awesome > security framework and should never be disabled. It's like a firewall for > processes. One wouldn't disable a firewall because it kept an required > application from working, you'd figure out how to unblock the traffic. The > same should go for SELinux. If a service or account gets compromised or > abused, SELinux will keep it sandboxed so it can't affect other parts of the > system.
No one is arguing that SELinux isn't better security -- the question is whether it is worth it and what are the risk/benefits. Many people I know get frustrated with SELinux and end up turning it off. That makes sense if SELinux is costing them time and frustration and other simpler measures meet their security needs. Personally, I have played a lot with SELinux but also find that unless you have a "stock" distro install, that SELinux causes endless issues every time you add a new piece of software that has not been accounted for by the distro maintainers. Again, if you need that level of security, then feel free to use SELinux - no one is stopping you. But on the other hand, don't expect everybody else to be as interested in it or to spend time making sure their applications are compliant. > > > On Fri, Jun 26, 2009 at 10:07, Les Mikesell <lesmikes...@gmail.com> wrote: > > > > > If it doesn't, you should report it to the packager. RPMs are supposed > > to set that stuff up so it works. I normally disable SELinux to avoid > > surprises anyway though, but most of my boxes are pretty well firewalled. > > > > > > ---------------------------------------------------------------------- > ------------------------------------------------------------------------------ > > ---------------------------------------------------------------------- > _______________________________________________ > BackupPC-users mailing list > BackupPC-users@lists.sourceforge.net > List: https://lists.sourceforge.net/lists/listinfo/backuppc-users > Wiki: http://backuppc.wiki.sourceforge.net > Project: http://backuppc.sourceforge.net/ ------------------------------------------------------------------------------ _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/