On Mon, 2005-01-17 at 08:44 -0600, Chris Adams wrote:
> Once upon a time, Sean Middleditch <elanthis awesomeplay com> said:
> > That doesn't make much sense - there is no good reason at all for a user
> > to need to muck around with SELinux to perform basic file sharing, and
> > general administration tasks are going to need more than simply setting
> > contexts in Nautilus.
> Setting up CGI scripts to run under Apache is a fairly common task for
> webservers and requires setting the file context if scripts are not in
> cgi-bin (allowing *.cgi and/or *.pl to be CGI scripts is fairly common).

Understood - but there's absolutely no reason for Nautilus to be able to
do that.  It's an admin task, let admin tools (i.e., the shell) do it.

> > Besides, changing them in Nautilus *WILL* break the system, because the
> > second a package upgrade for selinux policies comes in and restorecon is
> > run all of their customized settings will be erased.
> Does that reset every context on the system, including on non-RPM files?
> If so, that's going to be highly confusing to both users and system
> administrators.  What is the point of even having the chcon command if
> everything will be reset to some config file contents at arbitrary
> times?  Just load the config file into the kernel and use it directly.

I never said SELinux is easy to configure.  I just stated how it works.
It's actually essential that restorecon resets all files, according to
the SELinux experts I last spoke with, since that means that an "SELinux
security expert" (i.e. a relatively small handful of SELinux developers)
can look in one place to check the available flow of information and
privileges in the system; if you could change individual files then
you'd really have no way to know what files had what contexts without
expensive whole-system searches.  (Granted, I think then that the file-
systems people use should be "fixed" to make it not-so-expensive and to
get rid of duality and complexity in SELinux configuration, but that's
of course not technically feasible for Red Hat to pull off in FC4.)

