Red Hat Boosts SELinux With RHEL 5

E. Stride writes "Many IT managers find Security Enhanced Linux, or SELinux, to be wildly complex. The mandatory access controls originally developed by the NSA have developed a reputation for being too complicated to deal with, and many IT shops simply turn the feature off. However, Red Hat's Dan Walsh says it's the only way to ensure 100% protection in the data center."

Re:lol

[timmarhy]

i can sell you a 100% safe pc if you want - it has no hd and no psu.

Re:AVC (server) = UAC (desktop)

[Volante3192]

Very off topic, but I was just thinking...

windows with it's constant prompts to do stuff while performing the same task gets very annoying and will quickly train the user to just click the allow, rendering it practically pointless.

Clearly, in order to make users think about this, a 5 second delay has to be introduced before the Allow/Deny buttons are active...

Re:That's not entirely true.

[crawly]

consultants on the other hand.....

So where do I go to sign up for one of those consultants jobs then. I'm sure I could turn off SELinux just as well as anyone else.

Re:just how good is this?

[g1zmo]

It's designed to prevent, say, one process on your machine from overwriting a file it should be able to.

Yeah, that pretty much sums up my experience too.

Re:100%?

[ryanov]

Wouldn't that be a sign that it's time to get a better distro than to disable security features? :)