How best get rid of SELinux?

Tim ignored_mailbox at yahoo.com.au
Fri Sep 21 09:52:55 UTC 2007


On Thu, 2007-09-20 at 15:36 -0500, Mike McCarty wrote:
> It's too bad that Red Hat has jumped on the SELinux bandwagon
> so wholeheartedly. That is, it is for those of us who don't like
> it, but want to use Red Hat products or projects. 

One of the (almost) unsung benefits of it is to do with created
software.  

If the programmers use a system with SELinux, they're forced into
writing their software better.  And we end up with software which
doesn't require dangerous executable things in places they shouldn't be,
doesn't try to access files it shouldn't, etc.  They can, of course,
just write it any old way, and it won't work on our systems.  Or try to
get us to use sloppy security to allow it, but probably won't succeed in
getting that approach accepted.

On the other hand, without any SELinux, trying to make your system
secure, when you're using programs that the software authors had
free-range to do any old crap in the first place, is much more
difficult.

-- 
[tim at bigblack ~]$ uname -ipr
2.6.22.4-65.fc7 i686 i386

Using FC 4, 5, 6 & 7, plus CentOS 5.  Today, it's FC7.

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.


More information about the fedora-list mailing list