Denis Leroy wrote:It make as much sense as the rest of this thread and what it proposes. Yes I realize this is extreme but no more extreme in my view than disabled by default or offering the option at install time. There is already a way to disable it if you know enough and if you don't then you need it on anyway. For crying out loud my girlfriend uses Fedora, her use is much closer to average than any of the rest of us and SELinux has *never* caused her a problem. My mother, as computer illiterate as they come( no disrespect intended Mom) does not have any problems. This conversation is pointless, I see a hundred posts about people complaining about people discussing things like the GPL on a developer's list, a subject quite relevant in my view, but when the idea of disabling practically the only security present on the system is brought up , it actually gets entertained? Disable it?!?What?!? It seems to me that entirely too many people have their priorities seriously out of whack.max bianco wrote:Can an option to completely disable the ability to disable SELinux be added? I'd rather there was no way to turn it off at all.that doesn't make *any* sense
you are COMPLETELY missing the point. In some context, security is irrelevant. Like that Fedora system we use in our lab at work for bringup testing: it doesn't even have a network card.
some people thing that criticizing SELinux installation policy (not SELinux itself mind you, which is a useful thing) == saying "security is not important". This is ridiculous.
The only scenario I can think of where SELinux disabled installation would be forcefully prohibited would be, say, a custom Fedora spin targeted at employees or students where you don't want some smart guy to disable it (because that would mean your job)...