fedora-selinux-list Digest, Vol 18, Issue 9
Joe Orton
jorton at redhat.com
Tue Aug 9 15:36:42 UTC 2005
On Tue, Aug 09, 2005 at 10:35:54AM -0400, John Griffiths wrote:
> Joe Orton wrote:
> The above all represent important functionality.
>
>
> Agreed.
>
> I'm not convinced that the security vs usability tradeoff is being won
> in favour of enabling the boolean by default.
>
>
> I don't quite understand this sentence. Are you saying the boolean should
> be enabled by default? We certainly need the functionality. When security
> gets in the way of getting the job done, then we have lost the war.
Sorry, I inverted the logic! I'm arguing that the
httpd_can_network_connect boolean should be enabled by default, yes.
joe
More information about the fedora-selinux-list
mailing list