top | item 13556383

(no title)

Keep in mind there are a LOT of apps deployed on systems with SELinux with few, if any, tests

Further, the divide between ops and developers in many cases leaves this as an unsolvable problem - it's not the dev's job to do sysadmin, and ops lacks the expertise (or time) to comprehensively analyze the code base

You're right that this makes the app poorly behaved, but if that can't be addressed then... permissive mode it is

discuss

snuxoll|9 years ago

Everyone keeps telling sysadmins they need to be able to write code, how about developers start learning more about how their applications are deployed.

I wear both hats, and then some more on top of that - if someone on my team is doing something that will make deployment and security difficult I make sure to nip it in the bud during testing.