Tom Horsley wrote:
I personally have immediately disabled SELinux on any and every box I've
ever installed for myself, and grind my teeth any time I even see the
word.
I didn't disable it on the first fedora release it showed up on, and
spent hours after that just trying to gain enough access to my own system
to disable it when I found that basically nothing worked. Ever
since then I not only disable it when installing, but also add
selinux=0 to the kernel options just to be sure :-).
Would any of you out there care to share with me any of your personal
experiences with SELinux being useful to you (in any way whatsoever), on
a single-user workstation?
I can't imagine ever having an experience where any form of security
software turned out to be useful, but I do have a theory that explains
selinux in fedora and apparmor in opensuse:
Large numbers of government contracts need you to check a box for
"enhanced security" in order to bid on them, therefore selinux was
born.
If redhat had shipped selinux in enterprise when it was in the condition
it first showed up in fedora, they would have lost every paying
enterprise customer, therefore they needed a large group of suckers
to find all the obvious problems.
That's us :-).
Cross out redhat and selinux and write in suse and apparmor with a
crayon, and the same explanation applies :-).
Once about Fedora Core 4 I noticed Selinux was there and I turned it
on. I began to have odd problems. Things stopped working. I discovered
how to turn it off and all problems stopped.
Since then I always turn it off during installation. Right after I
refuse to give Grub a password :-)
--
Karl F. Larsen, AKA K5DI
Linux User
#450462 http://counter.li.org.
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list