[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SELinux removed from desktop cd spin?



Valent Turkovic wrote:
On Jan 16, 2008 9:25 PM, Daniel P. Berrange <berrange redhat com> wrote:
On Wed, Jan 16, 2008 at 09:19:38PM +0100, Valent Turkovic wrote:
On Jan 16, 2008 9:03 PM, Daniel P. Berrange <berrange redhat com> wrote:
On Wed, Jan 16, 2008 at 08:57:56PM +0100, Valent Turkovic wrote:
Hi,
I believe that SELinux is a great linux server security hardening tool
but that has little use in desktop linux usage and it confuses
ordinary desktop users.
It is of great use in a desktop spin. On my 'desktop' install for my
laptop I have many many system daemons running under a confined domain
You, of course, will always have the ability to choose to install it
and use it.

If it hasn't been discussed before I would like to propose that on
desktop cd spin SELinux is not installed by default, of course after
discussion and approval from you (fedora devels).
No. SELinux provides very real & important protection for desktop users.
Can you give me examples of this protection over fedora 9 without
SELInux or with SELinux in permissive mode?
Yes. SELinux mitigated against the recent HPLIP security flaw which
would have allowed arbitrary code execution as root.

  http://james-morris.livejournal.com/25140.html
  https://rhn.redhat.com/errata/RHSA-2007-0960.html

There have been other similar scenarios where security flaws have been
prevented, or their damage mitigated by presence of SELinux


Dan.

Dan you are taking this the wrong way. Of course SElinux is great, of
course it prevents from 0day exploits, no body is challenging that.
But what was the real threat to average desktop users? Has anybody
made use of this 0day exploit threat? is there a linux virus in the
wild that spread like wildfire that took down all desktops that didn't
use SELinux?

It is a question of cost and benefit. I argue that SELinux makes much
more trouble that it saves people from real danger in desktop
enviroment. Ofcourse that you need it in corporate enviroment and if
you use Fedora as corporate desktop you should enable it - but don't
make it default for them - especially if most of the people using it
won't understand cryptic messages that it gives :(

If fedora is used as testing ground for redhat corporate desktop then
I understand the decision to make it on by default but if you really
want average home desktop users to have a pleasant linux experience I
really see no point in SELinux.

Valent.

I would argue that for the continued development, improvement, and eventual adoption of selinux across the linux community at large, it must be tested in ever widening circles... and its crucially important for distributions to take steps in that direction. Fedora users should expect to either 1) know how to turn it off, 2) learn how to use it. Google provides great search results on both of those options; if thats your only place to start I would expect anyone who actually tried to be able to disable it.

It should not be up to the distribution which is atm doing the most to develop selinux to turn it off for people who choose the distro targetted at cutting edge linux technologies.

Sooner or later there WILL be increasing threats to linux and its quite possible to have virii spread in the wild... if good protections against it are not developed and supported now then when? After they show up?

--
Andrew Farris <lordmorgul gmail com> <ajfarris gmail com>
 gpg 0xC99B1DF3 fingerprint CDEC 6FAD BA27 40DF 707E A2E0 F0F6 E622 C99B 1DF3
No one now has, and no one will ever again get, the big picture. - Daniel Geer
----                                                                       ----


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]