from Hacker News

Ask HN: Do you use SELinux in production?

by skarap on 8/12/16, 10:10 AM with 1 comments

My team is working on a product (SaaS which allows one to migrate servers from one cloud to another) and we need to decide if we're going to support servers which have SELinux enabled.

A couple of years ago (when 5 was most popular RHEL) almost every article and software installation manual out there started with "disable SELinux if you haven't already", but looks like in the recent years this has changed. So the question is - do you have SELinux enabled in production? Did you write a custom policy or just use "targeted"? Do you run your own software/daemons in a confined domain?

Note: this is not a question about if SELinux is good or bad or if one should use it. This is about current production use.

by CyberFonic on 8/12/16, 11:01 AM
Still don't use SELinux. Investigated it a couple of years ago. Didn't like Red Hat, in general, at the time. Since then have used Debian. Considering OpenBSD as a more secure alternative, but haven't switched any servers over yet.