wild and crazy selinux dependencies?
Marko Vojinovic
vvmarko at panet.co.yu
Sun Oct 12 09:47:11 UTC 2008
On Saturday 11 October 2008 14:19, Tom Horsley wrote:
> On Thu, 9 Oct 2008 12:02:52 +0000
> Marko Vojinovic <vvmarko at panet.co.yu> wrote:
> > In general, you want a system with active selinux as much as a system
> > with file permissions. Security.
>
> In general, I want a system where it is possible to get things done,
> and all of the security types in the universe believe that just one more
> little obstacle won't hurt anything because, after all, it is to improve
> security.

I fail to see where selinux interferes with the possibility to get things done
-- err, to get things done *properly*. Selinux is intended to be completely
transparent and to require zero user intervention, and is pretty much getting
there (I had only one issue with it on F9 so far). However,

- if you want to do something that is not compatible with the selinux policy
(and that begs for a "why?"), you have to explicitly override selinux (use
chcon);
- if you want to do something that is not compatible with file permissions
(and that begs for a "why?"), you have to explicitly override file
permissions (use chmod, chown and chgrp);

The way I see it, selinux is behaving simply as a more sophisticated
file-permissions system. However, I see no one yelling and bitching about file
perms, only about selinux. Your "get things done" argument could be well
extended to perms, and I don't see anyone moaning about that. People are used
to using ch* commands to change file perms as they see fit --- they should
also get used to using chcon to adapt selinux to their needs.

You disable selinux in order to "get things done" with less hassle (and less
security). Do you also log in as root instead of an ordinary account (in X, on a
daily basis) in order to get things done with even less hassle (and even less
security)? Look at Windows users who use an admin account routinely --- where
should one draw the line between usability and security?

For me, selinux works transparently and I have no problems with it. If a
problem arises, I usually try to understand *why* this happened. Then, if
possible, I modify my task to do it the Right Way, avoiding selinux trouble
automatically. If not possible, I modify selinux to allow me access to what
is securitywise Not A Good Idea, and I take my chances with it.

HTH, :-)
Marko