SELinux removed from desktop cd spin?
Valent Turkovic
valent.turkovic at gmail.com
Wed Jan 16 20:19:38 UTC 2008
On Jan 16, 2008 9:03 PM, Daniel P. Berrange <berrange at redhat.com> wrote:
> On Wed, Jan 16, 2008 at 08:57:56PM +0100, Valent Turkovic wrote:
> > Hi,
> > I believe that SELinux is a great linux server security hardening tool
> > but that has little use in desktop linux usage and it confuses
> > ordinary desktop users.
>
> It is of great use in a desktop spin. On my 'desktop' install for my
> laptop I have many many system daemons running under a confined domain
You, of course, will always have the ability to choose to install it
and use it.
> > If it hasn't been discussed before I would like to propose that on
> > desktop cd spin SELinux is not installed by default, of course after
> > discussion and approval from you (fedora devels).
>
> No. SELinux provides very real & important protection for desktop users.
Can you give me examples of this protection over fedora 9 without
SELInux or with SELinux in permissive mode?
I'm a desktop user and I personally don't see any benefit. It actually
prevented me in using multimedia on fedora 8 desktop (I filed a bug).
I believe it is more of a nuisance (constant alerts) for average
desktop users. Advanced users always have an option to install and use
SELinux if they need it.
Cheers,
Valent.
--
http://kernelreloaded.blog385.com/
linux, blog, anime, spirituality, windsurf, wireless
registered as user #367004 with the Linux Counter, http://counter.li.org.
ICQ: 2125241, Skype: valent.turkovic
More information about the fedora-devel-list
mailing list