G'day -
-----Original Message-----
I see selinux as implementing bad practice. if daemons and apps aren't secure on their own then papering over that with a complex set of empirical behaviour checks isn't really going to help very much.
If you don't exercise full control over applications then those checks might be the best control you've got.
have there been many (any?) real world examples of selinux stopping attacks?
You're asking for examples of non-events. Regards Slav "This e-mail and any attachments to it (the "Communication") is, unless otherwise stated, confidential, may contain copyright material and is for the use only of the intended recipient. If you receive the Communication in error, please notify the sender immediately by return e-mail, delete the Communication and the return e-mail, and do not read, copy, retransmit or otherwise deal with it. Any views expressed in the Communication are those of the individual sender only, unless expressly stated to be those of Australia and New Zealand Banking Group Limited ABN 11 005 357 522, or any of its related entities including ANZ Bank New Zealand Limited (together "ANZ"). ANZ does not accept liability in connection with the integrity of or errors in the Communication, computer virus, data corruption, interference or delay arising from or in respect of the Communication."