Core 3 Release 1 - SELinux is activated by default
Terry Linhardt
linhardt at swbell.net
Sat Jul 17 01:46:59 UTC 2004
On Fri, 2004-07-16 at 17:55, Jason L Tibbitts III wrote:
> >>>>> "TL" == Terry Linhardt <linhardt at swbell.net> writes:
>
> TL> My sense is that the SELinux version remains something of interest
> TL> for only a sub-set of users.
>
> I think security is of interest to the vast majority of users. Or are
> you of the opinion that the security we have currently is all the
> security we need?
Jason, thank you for the feedback. No, without a doubt I believe efforts
should be made to increase security. If I didn't believe that, I would
advocate using another company's OS <smile>.
>
> TL> That being the case, why turn it on by default for individuals who
> TL> may not desire to use/test it?
>
> This is a test release. If you don't desire to test things, why are
> you using a test release?
Look, I was suggesting something for consideration. The rationale is
that many individuals don't care to get "entangled" in SELinux at this
time. There are plenty of other things to be tested. Now, I'll accept
that the case can be made that the configuration can be readily changed
via a drop-down box, and an individual should know what they are doing
when they accept a "default" (which is to implement SELinux). However,
my sense is that when something is implemented which requires some
different admin techniques then the default should be to "not
implement."
But you know, I could even be wrong. :)
Terry
>
> - J<
>
More information about the fedora-list
mailing list