On Sat 08 Mar 2014 16:12:52 NZDT +1300, Steve Holdoway wrote: > >Useless bloody security system that offers nothing. No wonder its > >often just turned off.
> Security for people who can't understand file permissions. Isn't that a bit much ignorance? It is supposed to be a system to protect you after your box has been partially compromised and your file permissions have become useless, as well as giving you much finer control (the ACL thing was already an afterthought, and it shows). Also, the *ix file permission system sucks in very large parts. There are a gazillion files on the system any particular service process does not need any access to, and as you know, access to anything not needed should be shut down. selinux/apparmor allow you to do that, as well as deal with the exceptions that may arise. Your file permissions are pathetic in comparison. They also don't allow you to control things like network interfaces or the capabilities system, though I'm unsure off the top of my head whether selinux does. Volker -- Volker Kuhlmann http://volker.top.geek.nz/ Please do not CC list postings to me. _______________________________________________ Linux-users mailing list [email protected] http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
