Thanks for all the responses to my remote desktop login question. I'm
pretty sure we will deploy FreeNX for that function.
This question has to do with the same server. A tech savvy manager
says we should use "NSA Linux" on the remote desktop host server.
What he means is use the SELinux security features.
Now, I don't have lots of experience with setup and maintainence of
SELinux. I hAve read that it is painful and requires more
administration than just "set and forget."
A similar technology is the AppArmor profiles for applications. Said
to be easier to use than SELinux but provides much the same benefits.
Then a third camp seems to think that both of these are overkill and a
headache for the benefits gained. They feel that, configured
correctly, standard user security on a Linux box is secure enough for
most business applications.
Where do any of you stand on this argument? Is SELinux really a pain
to setup and use? Is AppArmor interesting but not worth it?
Given the function of the server as I previously described in that
other thread (
http://lists.plug.phoenix.az.us/lurker/thread/20081030.230820.05346d48.en.html#20081030.230820.05346d48),
What security extensions would you deploy and why?
Alan
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)