Why SELinux is more work, but well worth the trouble
Source: IT World - Posted by Dave Wreski   
SELinux Many of us got used to the simple owner, group, and other model of Unix security so long ago that we were somewhat taken back when the setfacl and getfacl commands were introduced and added complexity to file permissions. All of a sudden, users and groups could be assigned access privileges separately from these three groupings and we had to pay attention to + signs at the ends of our permissions matrices that reminded us that additional access permissions were in effect. Today, most Linux systems are implementing SELinux -- a far-reaching security enhancement that changes the character of system security, but requires that we deal with some additional complexity in managing our systems.

Read this full article at IT World

Only registered users can write comments.
Please login or register.

Powered by AkoComment!