We help IT Professionals succeed at work.

software vendor telling me we have to disable selinux to use thier software....

software vendor telling me we have to disable selinux to use their software.... how dangerous is this?
Comment
Watch Question

There is no way to quantify exactly how dangerous this is without knowing a lot of other variables.  But if you feel strongly about the security of your system you should start looking into alternative software.
Network Administrator
Commented:
The problem is most likely they don't know how to write selinux rules to allow their software... It usually involves running in "permissive" mode and then looking in selinux logs for what needs to be allowed.

Many people run without selinux enabled, and your risks are usually in line with the amount of exposure you have to the outside world.

http://www.lurking-grue.org/writingselinuxpolicyHOWTO.html

http://www.billauer.co.il/selinux-policy-module-howto.html
Scott SilvaNetwork Administrator

Commented:
I thought this was fair to split points.