... fedora-selinux

[Jim Cornette]

Bevan C. Bennett wrote:

>
>> It depends on how well it keeps itself inline with staying out of 
>> site for a normal user. I have no guess on the percentage of Linux 
>> users that will not override the SELinux features. I am open to the 
>> concept. But do not want additional problems thrown into the mix. NT4 
>> as comparison caused me headaches as a user. I avoided it because it 
>> was not setup to stay out of the way of using a computer.
>
>
> [Sorry for the excessive snipping.]

No problem with the snippage.

>
> It's my understanding that the default security configuration will 
> stay out of the way and will provide a 'normal' seeming sort of 
> environment. I agree with you that the new default should not make it 
> more difficult for a normal user to use and manage their computer.
>
> The big bonus of SELinux is that you can then go in and, in a much 
> more fine grained manner than is currently possible, adjust how 
> certain things are or are not allowed to run.  In the long run, this 
> will help make the system -more- useable than currently because you'll 
> be able to configure activities that are traditionally 'root only' to 
> be more accessible by authenticated (or power) users without opening 
> up everything else.
>
>
This sounds like the right directon to take with the concept. I know the 
points brought up about running a cd-burner, without having to be root, 
will be much appreciated. I am sure that  there are many now root 
priveleged items that will be more user friendly because of the SELinux 
activity.

Jim