Do you use SELinux
ignored_mailbox at yahoo.com.au
Fri Jun 8 05:44:16 UTC 2007
On Thu, 2007-06-07 at 22:13 +0800, a bc wrote:
> how many of you activate selinux in fedora here? i know it will be
> more security for the computer. is it useful on a desktop computer?
> why does fedora 7 activate it as default?
It became less painful around the era of FC4, I've since left it at the
The usefulness of it will depend on how you use it, and what problems
exist on your PC that *it* helps mitigate against. If you disable
rather than configure things to solve a problem, it's useless. If you
allow things blindly, rather than configure things properly, then it'd
still be useless (i.e. deny something that should be denied, don't just
allow things because they want it).
It's on by default as a protective measure (e.g. like the firewall is).
Hopefully any problems with it get reported, properly. That way,
software that demands extra privileges gets examined, and rules created
to allow what really is needed, or software re-compiled in a better way
so that it doesn't demand something it doesn't really need, or doesn't
do something in a stupid manner.
(This box runs FC5, my others run FC4 & FC6, in case that's
important to the thread.)
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.
More information about the fedora-list