Thanks for all the responses to my remote desktop login question.  I'm
pretty sure we will deploy FreeNX for that function.

This question has to do with the same server.  A tech savvy manager
says we should use "NSA Linux" on the remote desktop host server.
What he means is use the SELinux security features.

Now, I don't have lots of experience with setup and maintainence of
SELinux.  I hAve read that it is painful and requires more
administration than just "set and forget."

A similar technology is the AppArmor profiles for applications.  Said
to be easier to use than SELinux but provides much the same benefits.

Then a third camp seems to think that both of these are overkill and a
headache for the benefits gained.  They feel that, configured
correctly, standard user security on a Linux box is secure enough for
most business applications.

Where do any of you stand on this argument?  Is SELinux really a pain
to setup and use?  Is AppArmor interesting but not worth it?

Given the function of the server as I previously described in that
other thread (http://lists.plug.phoenix.az.us/lurker/thread/20081030.230820.05346d48.en.html#20081030.230820.05346d48),
What security extensions would you deploy and why?

Alan
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss