Am Freitag 02 Februar 2007 13:49 schrieb Russell Coker: > One of the enemies of security in Debian is the fact that every person > controls their little area and has no requirement to work towards common > goals (apart from the most obvious ones of making the system work). > > This means that instead of having a little cooperation from other > developers anyone who wants to get a significant change included will have > to fight hundreds of battles. > > SE Linux is a classic example of this. Debian could have had SE Linux > support long before Fedora, but instead it gets it long afterwards. > > The same battles occur with regard to all the other security measures I > mentioned (and some others I didn't). We could made Debian the most secure > Linux distribution, there are many people who have the skills and the > interest in doing so.
And everybody gets the SE Linux overhead if he wants or not? The current system does not give you perfect security but neither does adding SE Linux. Instead, you probably get annoying permission problems. Name a few guys that really likes to use this on a private machine and some real-life improvements that it brings. Hint: "increased security" is not an argument. Not being able to change the cause to the better doesn't mean to introduce a mess to control the result. And I really hope that Debian never considers installing+enabling selinux by default. > You want features such as exec-shield, well you don't get them - because of > other people with the same attitude as you. Please differ between things that are pretty much automatic (even when not only using debian packages) and things that you need some days to setup correctly (if you ever manage to do so). And always think about the problems that you introduce with such things (and almost all you named have such). HS -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]