selinux eradicator?

Jim Cornette fc-cornette at
Fri Jun 29 02:02:16 UTC 2007

Tom Horsley wrote:
> On Thu, 28 Jun 2007 20:43:54 -0400
> Jim Cornette <fc-cornette at> wrote:
>> You can disable it and remove associated programs if you choose to. I 
>> thought it would be worth mentioning that one who did not find value 
>> with SELinux has converted to preferring SELinux because the SELinux 
>> Troubleshooter informs you of the problem along with good explanations 
>> and corrective actions to allow your system to work as you intend it to 
>> work.
> Oh goody! Now it comes with a useful tool that explains exactly
> why it is being a pain in the ass :-).
> Its not a pain at all if I disable it.

According to some, it consumes too much because of updates whether it is 
active or not. It does not matter to me whether people run with it 
enabled or not.

With the new user tools you can set it up easier and it no longer gets 
in the way for your intended operation. Other elements which do get by 
with conventional security programs like people trying to run elements 
under /proc are flagged and prevented.

Also, while I was addressing the need for adjustments to SELinux, I 
changed some aspects of other programs to make them more secure. 
(Limiting external users and whether they have a shell for the account)

Since I did not use SELinux in active mode prior to F7 substantially, it 
does not surprise me much that others still would find relatively easy 
adjustments to SELinux to still be a bother.

Maybe F8 will be automagic enough for you to use. (?)


More information about the fedora-list mailing list