> Using SeLinux still relies on one knowing which boxes to check and
> uncheck, what happens when you check or uncheck a box, and how to
> configure it to be secure. Besides, it's overkill if you are running an
> Asterisk box.
>
it also relies upon linux, and not everyone using asterisk is using
linux. Anything that further ties asterisk to a particular operating
system seems counterproductive.
systrace would likely be a better unix alternative than selinux given
what selinux does (generally speaking it adds a 3rd id to the uid/gid
pair).
This still makes it somewhat harder for the windows port of asterisk,
which I dont know how much of that still works, I know that some of it
got broken by other patches after it was working, I do not know if it
has been updated to allow for asterisk to run in windows.
--
Trixter http://www.0xdecafbad.com Bret McDanel
pgp key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x8AE5C721
Posts
No comments:
Post a Comment