Request to re-add option to disable SELinux
Andrew Farris
lordmorgul at gmail.com
Fri Jul 4 16:59:22 UTC 2008
Suren Karapetyan wrote:
> On Fri, 2008-07-04 at 12:08 +0200, Nils Philippsen wrote:
>> On Fri, 2008-07-04 at 01:54 +0500, Suren Karapetyan wrote:
>>> EVERYBODY who used to disable SELinux when the combo-box was there will
>>> STILL disable it. We didn't get ANYTHING from removing that *feature*.
>> Please don't confuse features with workarounds.
> I need neither SELinux nor encrypted rootfs on my desktop (at least
> now). So I'm not trying to workaround SELinux related problems. I just
> don't need it/them.
I think its unfortunate that so many people believe SELinux is something 'for
the server' and not needed 'on the desktop'. That probably comes from the first
policy being deployed for server processes (if my memory serves correctly). I'm
not attacking your own position on this point Suren, but it is hard to
understand why you would think this unless not really understanding what SELinux
is meant to prevent.
The core developers working on SELinux have many times said the desktop is
precisely where it is most needed, especially confining browsers and plugins. I
think my personal information on my laptop is worth the extra security.
--
Andrew Farris <lordmorgul at gmail.com> www.lordmorgul.net
gpg 0x8300BF29 fingerprint 071D FFE0 4CBC 13FC 7DEB 5BD5 5F89 8E1B 8300 BF29
More information about the fedora-devel-list
mailing list