doubleu last edited by
Are there any plans to do what Citrix won't and actually enable SELinux by default?
It's a pretty basic security measure at this point and it's kind of odd that a hypervisor of all things would explicitly disable it instead of working with it.
If it's been looked at, what is preventing it from happening now?
- I have no idea, ask Citrix: https://bugs.xenserver.org
- Well, Xen isn't Linux. It's a micro kernel booting first then having a privileged domain to administrate VMs. So there is still some CPU/memory isolation on Xen level that isn't required in the dom0 itself.
But I can't tell more if there is specific reasons, Citrix has the answer.