From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <hihin@yandex.ru>
X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on sa.int.altlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham
	version=3.2.3
From: =?windows-1251?b?1ej16O0g0PPx6+Dt?= <hihin@yandex.ru>
To: ALT Linux Team development discussions <devel@lists.altlinux.org>
Date: Sun, 9 Mar 2008 10:17:40 +0300
User-Agent: KMail/1.9.9
References: <e12fd2db0803080900x47641afao4b0961bf33a9cbee@mail.gmail.com>
	<20080309065909.GA24653@solemn.turbinal>
In-Reply-To: <20080309065909.GA24653@solemn.turbinal>
X-Face: (&xiJ3u@NuLg`*; 3Ws|g; b?`RC2/c@sH%M-Y!x5o3P]`(\R;
	A[i]6h^=hs}Q<a(=?utf-8?q?8M2=3F3Nf=0A=092BRwS2=250?=@'0&n#7n4JO_A85"dycpI?VMd^&NwhFCXGrUi_/3LF-)&1,=?utf-8?q?=5FxUns=7E*tTeG=5C=60A=5B=0A=09sKe/yVg=7ECBNdZJ=26T?=)d%HIy)BzjO>^p;
	zT/ylve$udM$8g.HiV"ls(zei4D[!--P<=?utf-8?q?ef=5CiJ4=0A=09=3Da2wRCAO?=<KZM_#+7a.)QaTz%FR[^rW]*FhUW+2j(Nx[9zY9eO9"n/M`qJ~9xKKHBvyma$"=?utf-8?q?=0A=09=7ELzGh?=,f}%_fY2-qiID&U>qzO"(:gRVa/3IJS
MIME-Version: 1.0
Content-Type: text/plain;
  charset="windows-1251"
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Message-Id: <200803091017.42208@ruslandh>
X-DCC-STREAM-Metrics: smtp02.mtu.ru 10002; Body=0 Fuz1=0 Fuz2=0
Subject: Re: [devel] =?windows-1251?b?U0VMaW51eCDiIP/k8OD1IEFMVA==?=
X-BeenThere: devel@lists.altlinux.org
X-Mailman-Version: 2.1.10b3
Precedence: list
Reply-To: ALT Linux Team development discussions <devel@lists.altlinux.org>
List-Id: ALT Linux Team development discussions <devel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
	<mailto:devel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel>
List-Post: <mailto:devel@lists.altlinux.org>
List-Help: <mailto:devel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
	<mailto:devel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Mar 2008 07:19:11 -0000
Archived-At: <http://lore.altlinux.org/devel/200803091017.42208@ruslandh/>
List-Archive: <http://lore.altlinux.org/devel/>
List-Post: <mailto:devel@altlinux.org>

Здравствуйте Alexey Tourbin
  В сообщении от 9 марта 2008 Alexey Tourbin написал(a):
 > On Sat, Mar 08, 2008 at 07:00:52PM +0200, Eugene Ostapets wrote:
 > > Я понимаю, что многим проще распихать сетевые сервисы по отдельным
 > > контейнерам, а не заниматься настройкой мандатной системы
 > > безопасности, но...
 >
 > Кстати, научный профессор DJB Бернштейн считает, что SELinux
 > ничего не даёт и нифига не нужен.
 >
 > 	I have become convinced that this "principle of least privilege"
 > 	is fundamentally wrong. Minimizing privilege might reduce the
 > 	damage done by some security holes but almost never fixes the
 > 	holes. Minimizing privilege is not the same as minimizing the
 > 	amount of trusted code, does not have the same benefits as
 > 	minimizing the amount of trusted code, and does not move us any
 > 	closer to a secure computer system.
 >
 > http://cr.yp.to/qmail/qmailsec-20071101.pdf
У заказчиков обычно другое мнение :)


-- 
С  уважением Хихин Руслан