selinux eradicator?
Rahul Sundaram
sundaram at fedoraproject.org
Fri Jun 29 01:13:40 UTC 2007
Tom Horsley wrote:
> On Thu, 28 Jun 2007 20:43:54 -0400
> Jim Cornette <fc-cornette at insight.rr.com> wrote:
>
>> You can disable it and remove associated programs if you choose to. I
>> thought it would be worth mentioning that one who did not find value
>> with SELinux has converted to preferring SELinux because the SELinux
>> Troubleshooter informs you of the problem along with good explanations
>> and corrective actions to allow your system to work as you intend it to
>> work.
>
> Oh goody! Now it comes with a useful tool that explains exactly
> why it is being a pain in the ass :-).
There are real and potential security issues that SELinux trouble
shooter can inform and help fix. An example of a class of problems
being exposed by SELinux is
http://people.redhat.com/drepper/selinux-mem.html. Not being informed
about those issues might be superficially better but it's false comfort.
> Its not a pain at all if I disable it.
Sure. Firewall problems go away if you disable it too.
Rahul
More information about the fedora-list
mailing list