Well I've noticed it indiscriminately blocks ports (like 1080 and 8080) without knowing more than the port number and assuming you shouldn't be using it (i.e. that port number MEANS you're trying to access a proxy or something).. Couple of other things too but they don't come to mind right now....
T > > > And SE Linux isn't likely to become common for single-user boxes. It > > > requires too much configuration, and if "properly" set up, it keeps you > > > > Au contraire. Lots of people are running SE Linux now and don't even > > realize it. Fedora Core 3 comes with it turned on by default now. And > > more distributions will do it this way in the future. So far in several > > months of heavily using FC3 it has never gotten in my way or prevented > > me from doing anything clever. It isn't the most strict least privilege > > configuration there could possibly be but it is a very worthwhile tradeoff. > > If it hasn't prevented you from doing anything clever, then it must be > running in name only. How will this help? -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
