Re: Don't try this at home kids

To: Debian Users ML <debian-user@lists.debian.org>
Subject: Re: Don't try this at home kids
From: Tom Dial <tddial@comcast.net>
Date: Mon, 29 Nov 2021 21:01:10 -0700
Message-id: <[🔎] 90ece0e9-1fb3-19b3-f857-c034328df89d@comcast.net>
Reply-to: tdial@acm.org
In-reply-to: <[🔎] CAJmb-YnzEy+XiZXbwRsga=j59hLreh42j5WjgawzqzJifo5ZRg@mail.gmail.com>
References: <[🔎] CAJmb-YnzEy+XiZXbwRsga=j59hLreh42j5WjgawzqzJifo5ZRg@mail.gmail.com>

On 11/29/21 17:19, Nicholas Geovanis wrote:
> On Mon, Nov 29, 2021, 5:14 PM James H. H. Lampert <jamesl@touchtonecorp.com <mailto:jamesl@touchtonecorp.com>> wrote:
> 
>     .... And the only
>     reason ROOT access is more dangerous than, say, QSECOFR access on OS/400
>     (or whatever IBM is calling it this week) is because there's nothing
>     stopping a Linux ROOT from doing things *nobody* should be allowed to do
>     without putting the system into some kind of maintenance mode.
> 
> 
> Well selinux stops root from doing those things. But im the only known human who doesn't dislike selinux. And other problems I have....
> :-D

You are not the only one who doesn't dislike or maybe even likes selinux. I consider it technically superior to apparmor as a mandatory access control system, and maybe both more flexible and user-friendlier as well. I found it generally fairly easy to find good documentation (e. g., Red Hat).

And I expect those who originated it, some still employed at USNSA, also think well of it, along with the current maintainers and likely enough quite a few other users.

Regards,
Tom Dial

> 
> 
>     .......
>     --
>     JHHL
>

Reply to:

References:
- Re: Don't try this at home kids
  - From: Nicholas Geovanis <nickgeovanis@gmail.com>

Prev by Date: need help on setup netgear adapter
Next by Date: Bug report help
Previous by thread: Re: Don't try this at home kids
Next by thread: Re: Don't try this at home kids
Index(es):
- Date
- Thread