Re: selinux eradicator?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Mike McCarty wrote:
Partially, my point is that any time one modifies any package, no
matter for what reason, there is the opportunity to introduce
defects. Therefore, all applications which are affected by SELinux,
potentially all of them, now have an opportunity for defects to be
introduced; a circumstance which would not occur if not for SELinux.

An earlier problem with at-spi took down a large range of programs because of a chain of programs linked to it. This has little to do with SELinux except to say that vulnerabilities which could have a domino effect could be halted from action if policy prevented abnormal operation from vulnerable programs.


Also, SELinux is itself a large chunk of code, with its own defects.

No doubt that it can become better as problems are spotted and addressed.


My bottom line: There is not overwhelming evidence that SELinux
provides a net wothwhile increase in security of non secure systems.
As long as this situation continues, then there is room for people
like Karl not to want it on his machine.

I'm not lobbying for anyone to remove it. I'm not trying to convince
anyone that it's a bad thing. I'm lobbying for people to have a CHOICE
whether to install it, without also having to exercise the choice to
use a different distro. I thinks that's only reasonable.

Why anyone would switch distros because of SELinux integration compared to the multimedia digital writes issues preventing out of the box multimedia support.

If they want it completely off of their systems maybe a new distro fork can be born from their desire to eradicate SELinux completely from their systems.

Jim


Mike

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux