[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Request to re-add option to disable SELinux

From: Andrew Farris <lordmorgul gmail com>
To: Development discussions related to Fedora <fedora-devel-list redhat com>
Subject: Re: Request to re-add option to disable SELinux
Date: Wed, 02 Jul 2008 18:29:21 -0700

Jon Masters wrote:

On Wed, 2008-07-02 at 17:16 -0400, Alan Cox wrote:

SELinux should be disablable is the wrong discussion. The discussion you should
be having is "I've filed a few bugs where SELinux didn't magically do the right
thing, how do we fix them and can we make these less likely to occur in future"


I think the only way to "fix" it for the foreseeable future is to
simplify policy, so that only a very limited set of services are
confined. Then, when the graphical tools and user experience have
eventually caught up, it'll be trivial to switch policy again.


selinux-policy-targeted is precisely that.

--
Andrew Farris <lordmorgul gmail com> www.lordmorgul.net
 gpg 0x8300BF29 fingerprint 071D FFE0 4CBC 13FC 7DEB  5BD5 5F89 8E1B 8300 BF29

Follow-Ups:
- Re: Request to re-add option to disable SELinux
  - From: Jon Masters

References:
- Request to re-add option to disable SELinux
  - From: Jon Masters
- Re: Request to re-add option to disable SELinux
  - From: Jesse Keating
- Re: Request to re-add option to disable SELinux
  - From: Colin Walters
- Re: Request to re-add option to disable SELinux
  - From: Jon Masters
- Re: Request to re-add option to disable SELinux
  - From: Alan Cox
- Re: Request to re-add option to disable SELinux
  - From: Jon Masters

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]