Request to re-add option to disable SELinux
Jon Masters
jcm at redhat.com
Wed Jul 2 20:39:35 UTC 2008
On Wed, 2008-07-02 at 16:29 -0400, Matthias Clasen wrote:
> On Wed, 2008-07-02 at 16:10 -0400, Jon Masters wrote:
>
> >
> > *). Tools like nautilus do not support labeling of files via the
> > right-click properties dialog (gnome VFS, etc.) so there is no easy way
> > for an end user who even understands part of this to fix context. This
> > is the number one reason why SELinux should not be enabled by default,
> > except on systems where there is an admin who can use chcon.
>
> I don't disagree with the general sentiment that selinux is not a very
> good fit for desktop users as it is today. But nautilus _does_ support
> labeling of files via the right-click properties dialog.
It displays the current context. I'm guessing if you're root at the time
then it probably allows you to change it, but that's not useful until
there's e.g. a PolicyKit hook that allows regular users to relabel.
Jon.
More information about the fedora-devel-list
mailing list