What do my Debian Community peers think of SELinux?
Posted: 2016-10-24 20:27
Hello everyone!
I've been an avid user for a little bit over a year. Debian Stable+Backports on my laptops, and Sid on my desktop.
Recently, have been working towards an RHCSA to add to my resume and using Debian my KVM host, with 3 RHEL guests running when needed for certification purposes.
I am learning about SELinux. It's got a lot of fine grain levels of access given certain contexts.... There's a lot to process, but I can see how this could be useful at a super paranoid company, Financial Institution, or Government Agency.
RHEL is all in with SELinux. I'm sure for business reasons as their market is heavily U.S. based and they are a contractor for the U.S. Government.
What is the Debian's community's take on SELinux? Is it a bit too much for the paranoid? I've heard about AppArmor, haven't touched a single bit of it though. I'm assuming it's similar for these high security users.
I've also seen that SELinux is installable on Debian. I currently don't have it installed, or am planning on doing so for any of my current machines. But, I might be deploying a Debian server for work early next year, and wanted to get a perspective from the community to see if it should be necessary, or if leaving it without is just fine too.
Thanks beforehand!
I've been an avid user for a little bit over a year. Debian Stable+Backports on my laptops, and Sid on my desktop.
Recently, have been working towards an RHCSA to add to my resume and using Debian my KVM host, with 3 RHEL guests running when needed for certification purposes.
I am learning about SELinux. It's got a lot of fine grain levels of access given certain contexts.... There's a lot to process, but I can see how this could be useful at a super paranoid company, Financial Institution, or Government Agency.
RHEL is all in with SELinux. I'm sure for business reasons as their market is heavily U.S. based and they are a contractor for the U.S. Government.
What is the Debian's community's take on SELinux? Is it a bit too much for the paranoid? I've heard about AppArmor, haven't touched a single bit of it though. I'm assuming it's similar for these high security users.
I've also seen that SELinux is installable on Debian. I currently don't have it installed, or am planning on doing so for any of my current machines. But, I might be deploying a Debian server for work early next year, and wanted to get a perspective from the community to see if it should be necessary, or if leaving it without is just fine too.
Thanks beforehand!