[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Request to re-add option to disable SELinux - compromise



max wrote:
The last time I looked a computer without internet access is completely useless to the average user. What do you think the majority of people are doing with their computers? playing solitaire? No network card is not the norm. Anyway what's to stop some disgruntled employee from quietly loading a program onto your test box that will have you scratching your head for days because you can't imagine what might be wrong.

I have a media server here with Fedora on it. Just a storage box with MP3s on it. It has no direct connectivity to the net, as such it has no root password, no firewall and no SELinux. Adding any of these would be a complete waste of time and disk space since they offer no protection against an intruder with direct physical access and a screwdriver. OTOH, the filesystem is encrypted.

I'm not sure what you're arguing for. You're saying security is important. I fully agree. You're saying SELinux is important. I fully agree. You're saying SELinux should be enabled by default on our Desktop installation. I fully agree. Fedora is probably (? does anyone know for sure) the only desktop distro that does this by default.

However sabotaging the installer to make it impossible for people to disable it at installation, now that's where I say "that doesn't make any sense", cf my original email.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]