first encounters with SELINUX, with some suggestions
Thomas Vander Stichele
thomas at apestaart.org
Thu Nov 11 17:02:55 UTC 2004
Hi,
> All RH developers do not work on FC3. (A Lot run on RHEL 3 and AS 2.1).
Point taken.
> SELinux with strict policy was very difficult to develop on so a lot of
> developers turned it
> off, now that it is targeted policy, they are using it more and more.
Agreed - now that I understand the difference between the two, and
having read Colin's introduction, I see and understand how much better
"targeted" really is. I guess a lot of people, myself included, got
burned during test cycles where strict was the default.
Please make sure people *realize* this subtle point - lots of people
turn SELINUX off by default completely because of this.
> Most of the problems
> we are seeing now are with different Apache setups, which most
> developers would not
> have discovered on the desktop.
Understood, valid point.
Thomas
Dave/Dina : future TV today ! - http://www.davedina.org/
<-*- thomas (dot) apestaart (dot) org -*->
And every time she sneezes
I think it's love and oh lord
I'm not ready for this sort of thing
<-*- thomas (at) apestaart (dot) org -*->
URGent, best radio on the net - 24/7 ! - http://urgent.fm/
More information about the fedora-devel-list
mailing list