Re: SELinux works like a charm in Ubuntu!

Subject:	Re: SELinux works like a charm in Ubuntu!
From:	Luis
Date:	Sat, 3 Feb 2007 20:30:58 -0500

On 2/3/07, Felipe Alfaro Solana <felipe.alfaro@xxxxxxxxx> wrote:

On 2/3/07, Joel Bryan Juliano <joelbryan.juliano@xxxxxxxxx> wrote:
> SELinux does wonders on my Feisty machine. I noticed that when it's turn on,
> applications don't get any noticeable delays when loading, I can run QEMU
> now without sacrificing the performance of the host OS. Everything runs so
> smooth. Networking also runs well without any problems, Sharing files using
> gshare (Avahi FTP Daemon), SAMBA works, and other host can connect to me
> without problems. I can even connect to this PC by my .local address and
> grab the correct time in the internet using ntpd. I have done alot of
> searching on the net because I was so reluctant about it, I have fears about
> the effects on compiling a program, but couldn't find any, so I just tried
> it myself and to my surprise It works like a charm, and doesn't affect the
> compiled programs.
>
> The only settings that is not working in Ubuntu is enforcing mode, which
> will not boot the machine, but permissive with strict policy works. I'm
> using targeted policy.

Errr... I think that permissive mode is not very useful. I mean, any
policy (even broken ones) will work in permissive mode, since the
kernel simply logs invalid actions, but does not prevent them from
happening.

Well said

> To install SELinux, just grab selinux-basics and it would install the
> targeted policy. The strict policy and src policy would have to be installed
> manually. After that you'll have to enable it at boot with selinux=1 option.
>
> Just sharing this wonderful features most of us doesn't use.

Fedora Core 6 has a good working SELinux policy (after three releases,
they are getting close to getting an usable policy) and I've been
using SELinux for sometime, not with problems, but :-)

Which bothers me a lot about Debian. Why hasn't debian supported SELinux as well as the Fedoras have? I understand the "laid-back" approach of the DDs, but SELinux is mature and good enough to use now, especially on a desktop system, where things won't be breaking as often as on a server.

--
----)(-----
Luis Mondesi
*NIX Guru

"Feliz el hombre que ha hallado sabiduria y el hombre que consigue discernimiento, porque el tenerla como ganancia es mejor que tener la plata como ganancia; y el tenerla como producto, [mejor] que el oro mismo" (Prov 3:13-14).

-- 
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

<Prev in Thread]	Current Thread	[Next in Thread>
SELinux works like a charm in Ubuntu!, Joel Bryan Juliano Re: SELinux works like a charm in Ubuntu!, Felipe Alfaro Solana Re: SELinux works like a charm in Ubuntu!, Luis <= Re: SELinux works like a charm in Ubuntu!, Gabriel Dragffy Re: SELinux works like a charm in Ubuntu!, Felipe Alfaro Solana Re: [OBORONA-SPAM] SELinux works like a charm in Ubuntu!, Gabriel Dragffy Re: [OBORONA-SPAM] SELinux works like a charm in Ubuntu!, Felipe Alfaro Solana

Previous by Date:	Ubuntu Vista, Dave M G
Next by Date:	Re: having a normal user mount nfs filesystem, Linda Hanigan
Previous by Thread:	Re: SELinux works like a charm in Ubuntu!, Felipe Alfaro Solana
Next by Thread:	Re: SELinux works like a charm in Ubuntu!, Gabriel Dragffy
Indexes:	[Date] [Thread] [Top] [All Lists]