On Thu, 27 Dec 2007, Stephen Frost wrote:
> Debian also has SELinux, if one wishes to configure it. I suspect other
> Debian-derived distributions also have it as a result. It can certainly
> be a pain to configure but it's far from impossible
That's a good summary. As of Debian Etch (April of this year) the base
distribution now include enough SELinux compatible userland packages for
the fundamental utilities (ssh, svsvinit, pam, cron, some others) that you
don't have to run around hacking a set of patches anymore just to get the
base system working.
There is also a Hardened Gentoo with SELinux. The most notable
distribution where SELinux support is seriously dead is SuSE.
RHEL/Fedora are the only distributions where SELinux is taken seriously
enough that most packages/daemons are patched and have policies setup in a
useful state out of the box. But with some work you can customize a
reasonable setup on some other distributions.
* Greg Smith gsmith(at)gregsmith(dot)com http://www.gregsmith.com Baltimore, MD
In response to
pgsql-hackers by date
|Next:||From: Naz Gassiep||Date: 2007-12-28 15:09:23|
|Subject: Re: Spoofing as the postmaster|
|Previous:||From: Peter Eisentraut||Date: 2007-12-28 10:55:12|
|Subject: Selectivity estimation for equality and range queries|