From: Will Dye <willdye@dsndata.com>
To: selinux@tycho.nsa.gov
Cc: Jan Petranek <jan.petranek@student.uni-tuebingen.de>
Subject: Re: SELinux as a desktop / workstation?
Date: Tue, 08 May 2001 12:31:29 -0500 [thread overview]
Message-ID: <m14xBKd-00007kC@zuul.dsndata.com> (raw)
In-Reply-To: Your message of "Tue, 08 May 2001 13:55:29 +0200." <Pine.LNX.4.30.0105081344290.18206-100000@linux45.zdv.uni-tuebingen.de>
Jan Petranek writes:
> I assume, that most of you are using SELinux for server purposes.
> Is there someone, who is using it for his everyday-desktop machine?
A lot of Linux distros still turn on potentially-hazardous services
by default, even on "workstation" installations. I've read advice
colums that strongly advise turning nearly all services off at all
times, but personally I like having those options around. I don't
always know in advance when I might want to dial in from home to
one of my work machines, for example. Linux has not suffered as
much as Windows from viruses & trojans, but it is not immune. For
these and other reasons, even Linux "workstation" installations may
want ways to limit the amount of damage done by break-ins.
As long as the machine can handle a bit of a slowdown, I think it's
a good idea to put something like SELinux on *every* system -- even
my dinky old Toshiba 320CT laptop (266 MHz Pentium 1, 32 megs RAM).
There's a lot you can tweak if you need to cut back on the security
processing overhead. Desktop or server, I like my data intact.
Just one opinion,
--Will
_____________________________________________________________________
William Dye, Interim Chief Executive Cat-Herder, the Tweakdom Project
Open-source tweaks to "Freedom", an Internet privacy software system.
http://tweakdom.sourceforge.net No relation Zero-Knowledge Systems.
--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2001-05-08 17:31 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-05-08 11:55 SELinux as a desktop / workstation? Jan Petranek
2001-05-08 17:31 ` Will Dye [this message]
2001-05-11 21:16 ` g.montgomery
2001-05-12 0:51 ` Bede McCall
2001-05-12 6:16 ` g.montgomery
2001-05-12 21:08 ` Will Dye
2001-05-13 1:03 ` Tom
2001-05-18 14:22 ` Jan Petranek
2001-05-18 17:58 ` Re[2]: " Maksim Otstavnov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m14xBKd-00007kC@zuul.dsndata.com \
--to=willdye@dsndata.com \
--cc=jan.petranek@student.uni-tuebingen.de \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.