|
|
|
|
|
|
by jandrusk
1514 days ago
|
|
|
The other thing is that not all sysadmins are security engineers and you essentially have to be one to be able to manage SELinux well. You really have to understand the security implications of incorporating policy X for application Y. Minimally, Redhat needs to come up with some better documentation around managing it along with better tools for managing policy. Like say, exporting the existing policy set before each upgrade or policy change and import them back? I'm thinking sort of what is done when a package is updated and you are prompted if you want to keep or replace your existing configs. |
|
|