[NTLUG:Discuss] SELinux
Paul M Foster
paulf at quillandmouse.com
Sun May 28 11:30:27 CDT 2006
Terry Henderson wrote:
> On 5/28/06, Leroy Tennison <leroy_tennison at prodigy.net> wrote:
>> Began reading Red Hat's SELinux documentation (RHEL 4) and it sounded
>> like something only they were doing so I decided to Google for "SELinux"
>> and "distribution". Found a reference to "SELinux for SuSE is dead" and
>> then a reference to AppArmor on the Novell Website. Anyone used either
>> and have an opinion? Is SELinux really dead on SuSE?
>>
>> _______________________________________________
>> http://ntlug.pmichaud.com/mailman/listinfo/discuss
>>
>
> According to Wikipedia, SELinux "is not a Linux distribution, but
> rather a set of modifications that can be applied to Unix-like
> operating systems, such as Linux and BSD" From:
> http://en.wikipedia.org/wiki/SELinux
>
> I'm not sure what "SELinux for SuSE is dead" actually means, but you
> can always find distro hawks that will run down other distributions
> just to drive home the point that what THEY have is better - and I'm
> guessing that's what this is about, (but I could be wrong..).
>
SELinux is a pain to implement for a distribution, because of its fine
grained control of security. It's hard to configure it in such a way
that it doesn't impede a user's use of the machine. Few or no distros
include it as a default choice because of this. I'd guess that the folks
at SuSE have found the same thing to be true. Novell has its own answer
to fine-grained security with App Armor, and it appears to be less
onerous than SELinux. And since Novell now owns SuSE, it may be that
they're going to use their own solution rather than SELinux.
--
Paul M. Foster
More information about the Discuss
mailing list