... fedora-selinux
Jim Cornette
jim-cornette at insight.rr.com
Wed Mar 10 04:08:42 UTC 2004
Bevan C. Bennett wrote:
>
>> It depends on how well it keeps itself inline with staying out of
>> site for a normal user. I have no guess on the percentage of Linux
>> users that will not override the SELinux features. I am open to the
>> concept. But do not want additional problems thrown into the mix. NT4
>> as comparison caused me headaches as a user. I avoided it because it
>> was not setup to stay out of the way of using a computer.
>
>
> [Sorry for the excessive snipping.]
No problem with the snippage.
>
> It's my understanding that the default security configuration will
> stay out of the way and will provide a 'normal' seeming sort of
> environment. I agree with you that the new default should not make it
> more difficult for a normal user to use and manage their computer.
>
> The big bonus of SELinux is that you can then go in and, in a much
> more fine grained manner than is currently possible, adjust how
> certain things are or are not allowed to run. In the long run, this
> will help make the system -more- useable than currently because you'll
> be able to configure activities that are traditionally 'root only' to
> be more accessible by authenticated (or power) users without opening
> up everything else.
>
>
This sounds like the right directon to take with the concept. I know the
points brought up about running a cd-burner, without having to be root,
will be much appreciated. I am sure that there are many now root
priveleged items that will be more user friendly because of the SELinux
activity.
Jim
More information about the fedora-list
mailing list