SE Linux and BIND9

July 26, 2008


DSA 1617-1 a security update from Debian says they forgot to update the SE Linux policy that would allow BIND9 to randomize its source ports…

I always found SE Linux to be too complex for my needs, but now it turns out you can actually be more vulnerable when you run SE Linux.

I know enough.