Request to re-add option to disable SELinux - compromise
Arthur Pemberton
pemboa at gmail.com
Mon Jul 7 15:57:44 UTC 2008
On Mon, Jul 7, 2008 at 10:28 AM, max <maximilianbianco at gmail.com> wrote:
> Denis Leroy wrote:
>>
>> max wrote:
>>>
>>> Denis Leroy wrote:
>>>>
>>>> max bianco wrote:
>>>>>
>>>>> Can an option to completely disable the ability to disable SELinux be
>>>>> added? I'd rather there was no way to turn it off at all.
>>>>
>>>> that doesn't make *any* sense
>>>>
>>> It make as much sense as the rest of this thread and what it proposes.
>>> Yes I realize this is extreme but no more extreme in my view than disabled
>>> by default or offering the option at install time. There is already a way to
>>> disable it if you know enough and if you don't then you need it on anyway.
>>> For crying out loud my girlfriend uses Fedora, her use is much closer to
>>> average than any of the rest of us and SELinux has *never* caused her a
>>> problem. My mother, as computer illiterate as they come( no disrespect
>>> intended Mom) does not have any problems. This conversation is pointless, I
>>> see a hundred posts about people complaining about people discussing things
>>> like the GPL on a developer's list, a subject quite relevant in my view, but
>>> when the idea of disabling practically the only security present on the
>>> system is brought up , it actually gets entertained? Disable it?!?What?!? It
>>> seems to me that entirely too many people have their priorities seriously
>>> out of whack.
>>
>> you are COMPLETELY missing the point. In some context, security is
>> irrelevant. Like that Fedora system we use in our lab at work for bringup
>> testing: it doesn't even have a network card.
>>
>
> The last time I looked a computer without internet access is completely
> useless to the average user. What do you think the majority of people are
> doing with their computers? playing solitaire? No network card is not the
> norm. Anyway what's to stop some disgruntled employee from quietly loading a
> program onto your test box that will have you scratching your head for days
> because you can't imagine what might be wrong. I think you have missed my
> point, probably because I failed to express it adequately so I will drop
> it. This insanity isn't worth discussing anyway.
I like SELinux due to the fact that is has personally saved my sorry
ass at least once. However, I feel that users should be given the
opportunity to disable SELinux at will. In my case, I disable SELinux
on my firewalled, natted desktop.
--
Fedora 7 : sipping some of that moonshine
( www.pembo13.com )
More information about the fedora-devel-list
mailing list