Why does Python want to read /proc/meminfo
Marko Rauhamaa
marko at pacujo.net
Sun May 7 02:58:22 EDT 2017
Dan Stromberg <drsalists at gmail.com>:
> Also, don't be overly hard on SELinux. It's a relatively young
> technology and may still adapt to such needs better in the future.
SELinux suffers from big problems, the biggest being its lack of a
proper methodology. There is no cookbook for developers for making their
products SELinux-aware. RedHat has made a huge effort in creating a
comprehensive SELinux policy covering every product they bundle in their
distro, but they can't take into account third-party developers. System
administrators are given a very unscientific tool (audit2allow) for
dealing with SELinux roadblocks.
I'm much more hopeful with regard to virtual machines, containers and
namespaces. They are easier to understand and easier to get right.
Marko
More information about the Python-list
mailing list