Request to re-add option to disable SELinux
Jon Masters
jonathan at jonmasters.org
Thu Jul 3 01:34:53 UTC 2008
On Wed, 2008-07-02 at 18:29 -0700, Andrew Farris wrote:
> Jon Masters wrote:
> > On Wed, 2008-07-02 at 17:16 -0400, Alan Cox wrote:
> >> SELinux should be disablable is the wrong discussion. The discussion you should
> >> be having is "I've filed a few bugs where SELinux didn't magically do the right
> >> thing, how do we fix them and can we make these less likely to occur in future"
> >
> > I think the only way to "fix" it for the foreseeable future is to
> > simplify policy, so that only a very limited set of services are
> > confined. Then, when the graphical tools and user experience have
> > eventually caught up, it'll be trivial to switch policy again.
>
> selinux-policy-targeted is precisely that.
Or more precisely, it would like to be that. Abrupt, single line replies
like the above amuse me perhaps more than they should, because they
carry the implication that I didn't actually consider what is currently
implemented in Fedora before sending my original mail ;)
Anyway. I've tried to make my point, I'm done now :)
Jon.
More information about the fedora-devel-list
mailing list