trying to understand SELinux message
Marko Vojinovic
vvmarko at gmail.com
Mon Nov 16 11:51:27 UTC 2009
On Monday 16 November 2009 06:27:27 Mr. Teo En Ming (Zhang Enming) wrote:
> From Wikipedia:
>
> “...given the threat models and capabilities of the adversaries
> involved, that's probably appropriate... But that’s not necessarily
> appropriate for all users. SELINUX is so horrible to use, that after
> wasting a large amount of time enabling it and then watching all of my
> applications die a horrible death since they didn't have the
> appropriate hand-crafted security policy, caused me to swear off of
> it. For me, given my threat model and how much my time is worth, life
> is too short for SELinux.” — Theodore Ts’o
This is utter bullshit. I wonder why nobody edited this out of Wikipedia by
now...
Yes, in the early days SELinux was rough around the edges here and there, but
not today. And yes, SELinux does have a learning curve, but by now there are
plenty of nice GUI tools that help people deal with it without actually having
to learn the internals, changing the policy manually, etc.
This is FUD, please stop spreading it.
Best, :-)
Marko
More information about the fedora-list
mailing list