Re: trying to understand SELinux message

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Monday 16 November 2009 05:22:34 Mr. Teo En Ming (Zhang Enming) wrote:
> You can try to disable SELinux in /etc/selinux/config or in
> /boot/grub/grub.conf.
> 
[snip]
> 
> You shouldn't start X server or login to GNOME as root.

Logging as root in X is certainly a bad idea, mainly for security reasons. 
Disabling SELinux is an equally bad idea, also for those same security 
reasons. Why do you advise for one and against the other? It looks 
inconsistent to me.

The fact that OP broke one rule and logged in a GUI as root made the other 
protection layer yell at him about that. And when he asks what is going on, 
your advice is to shut down that other layer. But given that the OP is 
apparently a newbie and is not aware of good security practices, this is quite 
a Bad Idea, since it opens a door for him to break his system even more.

My advice would be to keep SELinux on, and refrain from using X as root. That 
provides good system security (both from others and yourself). 

Best, :-)
Marko


-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux