Re: SELinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 1/20/11 2:30 PM, Kostas Sfakiotakis wrote:
> On 20/01/2011 11:36 ÏÎ, Tim wrote:
>>   On Thu, 2011-01-20 at 04:23 -0600, Mike McCarty wrote:
>>> Additionally, I note that quite a bit of the bandwidth on the
>>> Fedora and CentOS echoes relate to SELinux making ordinary people
>>> doing ordinary things difficult.
>>   I really don't know why people have such grand problems with it.
> I could think of a million reasons . For example , letÂs just say that
> they donÂt have an idea about what mandatory access control is and
> how to live with it .
>
>>   I don't. Not even when I run various servers.
> Well that could be your problem Tim . As you say , u run SERVERS . Servers
> are supposed to do very specific things and not every day stuff.
>
>> I strongly suspect it's because they're doing daft things with their
> computer, in the
>>   first place, then following bad advice to resolve it.
>>
> Well thatÂs the issue . I canÂt really understand why i canÂt do any
> stupid thing with the computer i have payed for . I payed for the computer and not the
> SELinux development it , an agency , a corporation or whatever else . I
> just want to open my computer and do my stupid things and if i mess things up
> , then so i did . It would be my mess and i would be really happy to clean it .
> After all it is my mess and am paying for it ( well the paying part am doing
> either way ) .
>
As Tim said:  You are not only affecting yourself but by default every 
other user of the Internet if you get infected with a virus/worm/trojan 
horse/spyware.  SELinux is designed to prevent that level of stupidity.  
Sorry, but you have to read through several RFCs to understand your 
ability to screw things up royally when you are on the Information 
Superhighway.  Please take time and read RFC 1087.  It basically spells 
out YOUR responsibilities when driving there.

Now, you are free to take your 'payed for' toy, take it off of the 
Internet and do whatever you want.  At that point, it becomes your 
problem.  Otherwise, you should obey the 'rules of the road' and make 
your system as secure as you can.  I do.  I've disabled flash on my 
browser.  I've blocked all sorts of ads. Why?  Because both are vectors 
for malware.  I don't like rebuilding my systems, but if they get 
infected with someone else's 'stupidity' then I'm out hours of work that 
I won't enjoy doing.  How would you feel if failure to use SELinux 
infects hundreds if not thousands of systems with a virus?  How would 
you feel if not using SELinux saves your work from being inadvertently 
destroyed?  That is why it exists, so stupid people don't do stupid 
things.  Again, you are free to do what you like as long as it will not 
affect others.

Now, if you are trying to do something that you SHOULD be able to do, 
and SELinux will not let you, the SELinux people need to know about this 
and provide either a permanent solution or a work-around.  They should 
not allow you to do stupid stuff with your system when it is on-line and 
connected to the Internet or any other type of network.

James McKenzie


-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux