Tracy R Reed wrote:
..Todd Walton wrote:
The Future of SELinux
http://securityblog.org/brindle/2006/08/24/the-future-of-selinux-or-how-we-are-going-to-take-over-the-world/
I agree with this 100%. We do need to get rid of the root user. RedHat
shouldn't even configure a root password. It should instead configure a
regular user password and give that user sudo...
I haven't come to grips with SELinux yet (though I suspect I eventually
will), but I heartily concur with the statement about root.
Sample argument: I have finally come to appreciate the value of the
/var/log/secure in documenting system changes. Real Soon Now (tm), I'm
going to get these records into a database, so that I won't be so upset
next time I have to undo or redo something (like reconfigure after an
upgrade).
Uhhh, (confession) I still use a root shell, but just for looking at
stuff -- i swear!
OK, you Wise-Old-Wizards go-ahead and have your smug smile. I'm finally
starting to 'get it'.
Regards,
..jim
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
