USB thumb drive question...
Stephen Smalley
sds at epoch.ncsc.mil
Wed Oct 13 17:00:03 UTC 2004
On Wed, 2004-10-13 at 12:24, Jerone Young wrote:
> One bug today.... another bug tommorow. Average users could care less
> about SELinux, so why have it on, if it's just going to cause
> potential issues for average users.
Just FYI, this topic (SELinux off by default in FC3) was discussed on
fedora-devel-list recently, see the thread starting at
http://marc.theaimsgroup.com/?l=fedora-devel-list&m=109710510103110&w=2.
A brief response to your points:
- Aren't "average" users concerned about their personal data being
destroyed or leaked by flawed and malicious code? See
http://www.nsa.gov/selinux/papers/inevit-abs.cfm. Hence, average users
should benefit from SELinux.
- If "average" users truly don't care about security and/or SELinux
truly does get in their way, they _can_ easily disable SELinux at
install time or later. In contrast, getting users to explicit enable
SELinux is much less likely. Compare with providing secure defaults for
firewall configuration and in encouraging people to use non-root logins
by default.
- If SELinux is disabled by default, then it gets corresponding less
testing, maintenance, further integration, enhancements, etc and there
is little chance of third party application developers paying any
attention to security integration issues. Likelihood that SELinux
support in the base OS will bitrot and break is _high_; see FC2 for an
example. Likelihood that popular third party software will ever be
adjusted to fully take advantage of security benefits is _low_.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-test-list
mailing list