> Am 31.01.2018 um 16:35 schrieb Daniel Stirnimann: >>> that don't change the fact that from that moment on all protections for >>> *that* service are gone while with layered security and >>> systemd-hardening are still in place >> >> Where is the layered security if you disable for e.g. systems-hardening >> for a service? I don't understand your argument. If you don't want to >> loose the security provided by the hardening, then you should not >> disable it but fix it > > what exactly do you not understand?
I understood your original answer that you see SELinux as an inferior approach compared to other hardening mechanisms and I would have liked to know why. However, this message made it clear that you favor a layered security approach which is fine. Thank you, Daniel _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
