SElinux

Stephen Smalley sds at tycho.nsa.gov
Mon Apr 3 14:55:26 UTC 2006


On Mon, 2006-04-03 at 02:00 -0700, Craig White wrote:
> I don't see that - I see people conceding defeat without trying. Again,
> I think the biggest obstacle is the use of language tokens that make it
> appear to be complicated where if it were natural language, far fewer
> people would be freaked out.
> 
> In reality, it's not a server/desktop thing. It's only a matter of
> whether said user is willing to spend the time/energy necessary to
> understand at the very least, how to stop SELinux blocks from happening.
> It looks like rocket science, it's not rocket science.

While I agree that SELinux is not rocket science, I don't think that the
above is fair to users.  SELinux does need a lot of improvement in
usability, and such work is in progress.  We shouldn't criticize the
messenger - we should learn from them in order to improve the usability
of SELinux.  At the same time, we shouldn't sacrifice the foundation
that we already have, which is the right mechanism for security; we
should instead build upon it in order to provide something that is both
secure and useable.  The alternative is the mistake made by some others
- conflating the user interface with the mechanism and crippling their
security mechanism in order to make it "useable" rather than building
easy-to-use tools and languages on top of a general purpose and complete
security mechanism.

The need to improve usability of SELinux was discussed at the SELinux
summit last month; the minutes are over at selinux-symposium.org for
those who are interested.  There are a number of tools in progress.
There is also improving documentation over at the Fedora SELinux wiki.

But in the end, let's be clear - choosing to disable SELinux is a
legitimate option for users, and if we are at fault for not making it
easy enough to use, then let's make it easier to use rather than blame
those who are disabling it.  And even when it is easier to use, some may
still choose to disable it - and that's ok.

-- 
Stephen Smalley
National Security Agency