[aklug] Re: selinux more trouble than it's worth?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Shane R. Spencer wrote:
> Public Key Authentication is the master of my world. Even web browsers support it via 802.1x
> certificates, however they are difficult to tie back to a web of trust.
> Shane
>
> Lee wrote:
>> That does seem to be the case though. Grr.
>>
>> Don't even get me started on my standard rant 204b on how 'nowadays passwords are the
>> problem, not the solution'.
>>
>>
>> ---------- Original Message -----------
>> From: "Shane R. Spencer" <shane@bogomip.com>
>> To: Lee <lee@afabco.org>
>> Cc: aklug@aklug.org
>> Sent: Tue, 02 Jun 2009 11:36:16 -0800
>> Subject: Re: [aklug] selinux more trouble than it's worth?
>>
>>> It wouldn't be secure if it weren't incredibly troublesome. :) Not a fact.
>>>
>>> - Shane
>>>
>>> Lee wrote:
>>>> Well, I've just spent the last two days setting up a centralized syslog server on
>> bare
>>>> metal.using centos5, mysql, php, phplogcon and apache2 All went well until I
>> actually
>>>> started trying to, like, do useful stuff.
>>>>
>>>> Nothing worked as expected.
>>>>
>>>> 9 out of 10 issues were selinux related.
>>>>
>>>> And there are still issues, but at least stuff is working now.
>>>>
>>>> So it seems to me at this point that selinux is way the hill more trouble than
>> it's worth.
>>>> But before I deactivate selinux in disgust and consign it to the 'interesting idea
>> way
>>>> more trouble than it's worth in real life' pile, I thought I'd see if others
>> shared my
>>>> thinking, or whether consensus is that selinux is seen as a useful and practical
>> thing.
>>>> Thanks.
>>>>
>>>>
>>>> ---------
>>>> To unsubscribe, send email to <aklug-request@aklug.org>
>>>> with 'unsubscribe' in the message body.
>>>>
>> ------- End of Original Message -------
>>
>
>
> -- Attached file included as plaintext by Ecartis --
> -- File: signature.asc
> -- Desc: OpenPGP digital signature
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkolgcoACgkQXK/vGhypreLJnACfXB/JgMO8mOI9N7lFH6r3l8uX
> VWMAmweYM5jyonLPmZhyCHz1eqWqsVRb
> =sJly
> -----END PGP SIGNATURE-----
>
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>

I want to hear rant 204b.

- --
Christopher Howard
http://indicium.us
http://theologia.indicium.us

I digitally sign /all/ of my e-mails via PGP. If you receive any e-mail
from me without my valid PGP signature, please take additional steps to
verify the authenticity of the message.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkolgrAACgkQQ5FLNdi0BcWvtQCgnDqx8iljBGyxbYpQk4GppsTr
gJwAn1PeieHinV7M5fY2gBzkp101Gc9i
=9IYQ
-----END PGP SIGNATURE-----
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Tue Jun 2 11:51:25 2009