How best get rid of SELinux?
Mike McCarty
Mike.McCarty at sbcglobal.net
Mon Sep 24 22:43:19 UTC 2007
Alan M. Evans wrote:
> On Mon, 2007-09-24 at 15:58 -0500, Mike McCarty wrote:
>
>> Because SELinux is not a "thing", it is a way of writing apps.
>
> No, no no! How many times does this have to be explained?
See below. My objection to SELinux is not due to my ignorance
of what it is.
> Applications don't need to know anything about SELinux in order to be
> under its purview. Only applications that need to interact with SELinux
I didn't say that. You are arguing against something I emphatically
did not say. I particularly object to you asking "how many times
does this have to be explained" like I am some sort of idiot.
> in some way need to know about it. I can easily write a program that
> tries to open a forbidden resource and SELinux can most easily prevent
> it despite that my application only #includes stdio.h and knows nothing
> of the hidden hand that blocks it.
I KNOW what SELinux is. I KNOW how it is intended to work.
How many times does THAT need to be explained?
The apps I'm talking about are find, ls, mv, cp, ssh, etc.
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!
More information about the fedora-list
mailing list