On Thursday 17 January 2008 10:27:22 Valent Turkovic wrote:
>
> What are the real security issues on desktop? OpenOffice exploits? Gnome
> exploits? What? You aren't running apache, mysql and php

Really? I can think of a few apps that use Apache or MySQL on the desktop. The first that comes to mind is Amarok, which can use MySQL to manage information about your music collection -- and I even know someone whose music collection is so large that he had to use MySQL because SQLite was breaking. Just because you can't think of how these servers might be used at home doesn't mean that there is no use for them. It just means that you have different needs, and therefore haven't found yourself using them.

> on desktop and
> those services shouldn't be running. Maybe ssh is running and that can
> be hardened really easily with firewall rules.

Maybe OpenSSH has an exploit that allows a remote user to start writing to rc.local, allowing them to take control of a system once it reboots. SELinux solves that problem.

> What is actual threat
> that SELinux prevents on Fedora Desktop?

It may not even be known; SELinux makes the system less vulnerable to an attack. It also helps expose apps that are doing things that could worsen an attack, like GDM trying to gain write access to /etc/passwd.

> Is it just there because SELinux exists and it makes things secure in
> general but also gets in way of user experience? That is a poor excuse
> IMHO.

It gets in the way of the user experience when the user is doing something potentially dangerous. Most of the complaints about other systems are that it is too easy for the user to expose themselves to viruses and worms, but the only way to truly prevent that is to get in the user's face when he does something like that.

There really is no good argument against SELinux, especially with permissive mode available for people who don't want to be bothered tweaking ACLs for every single service they plan to use. It is also possible to disable SELinux entirely, if that is what you want to do. Disabling it on the desktop spin would only annoy the people who want it enabled, because they would then have to wait while their filesystem is scanned (it takes a very long time).

-- B