Re: SELinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Kostas Sfakiotakis wrote:

[...]

> Since i started this thread , let me clarify something . All i was
> trying to do was to open a pdf file  simple as that  and i do believe
> that on my computer am pretty much entitled to do so .

I'd like to help you clarify your thinking, as well.

[...]

> Well i wasn´t trying to force anything by switching to the root user . I
> wasn´t trying to force anything at all . I was just trying to open a manual
> ( a pdf file ) .

Every two hundred lines of code, statistically, has a defect in it.
Every additional line of code which is compiled and loaded into
your machine is a 1/2 % chance of a defect. SELinux is big. Very
big. By Red Hat's own estimate 40 applications had to be modified
to accomodate it, along with the kernel and compiler. By application,
I mean non system programs, like mv, ls, cp, tar, cpio, etc.

I see no need for SELinux on what is, while potentially multi user,
essentially single user system. I run behind two (count 'em) two
hardware firewalls both of them doing NAT. I've never had one,
not even one, IP tables violation. I've never had even one attempt
to access my machine at all. I don't run Apache, sshd, or any other
server which would allow ingress to my machine. I've never have anyone
even attempt to get root access but me.

I've had arguments with the Red Hat development team about it, and
they insist SELinux _must_ be there. Well, if I had a real server, and
not a desktop single user machine, I _might_ agree. I might not.

However, I like to control what is on my own machine. So, as a
consequence, I've been building my own Linux, and am gradually
leaving all Red Hat products behind.

Perhaps you should investigate LFS (Linux From Scratch). It isn't
that hard to build your own custom system which has exactly what
you want on it, no more and no less.

Mike
-- 
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I speak only for myself, and I am unanimous in that!
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux