On 1/20/11 2:30 PM, Kostas Sfakiotakis wrote: > On 20/01/2011 11:36 ÏÎ, Tim wrote: >> On Thu, 2011-01-20 at 04:23 -0600, Mike McCarty wrote: >>> Additionally, I note that quite a bit of the bandwidth on the >>> Fedora and CentOS echoes relate to SELinux making ordinary people >>> doing ordinary things difficult. >> I really don't know why people have such grand problems with it. > I could think of a million reasons . For example , letÂs just say that > they donÂt have an idea about what mandatory access control is and > how to live with it . > >> I don't. Not even when I run various servers. > Well that could be your problem Tim . As you say , u run SERVERS . Servers > are supposed to do very specific things and not every day stuff. > >> I strongly suspect it's because they're doing daft things with their > computer, in the >> first place, then following bad advice to resolve it. >> > Well thatÂs the issue . I canÂt really understand why i canÂt do any > stupid thing with the computer i have payed for . I payed for the computer and not the > SELinux development it , an agency , a corporation or whatever else . I > just want to open my computer and do my stupid things and if i mess things up > , then so i did . It would be my mess and i would be really happy to clean it . > After all it is my mess and am paying for it ( well the paying part am doing > either way ) . > As Tim said: You are not only affecting yourself but by default every other user of the Internet if you get infected with a virus/worm/trojan horse/spyware. SELinux is designed to prevent that level of stupidity. Sorry, but you have to read through several RFCs to understand your ability to screw things up royally when you are on the Information Superhighway. Please take time and read RFC 1087. It basically spells out YOUR responsibilities when driving there. Now, you are free to take your 'payed for' toy, take it off of the Internet and do whatever you want. At that point, it becomes your problem. Otherwise, you should obey the 'rules of the road' and make your system as secure as you can. I do. I've disabled flash on my browser. I've blocked all sorts of ads. Why? Because both are vectors for malware. I don't like rebuilding my systems, but if they get infected with someone else's 'stupidity' then I'm out hours of work that I won't enjoy doing. How would you feel if failure to use SELinux infects hundreds if not thousands of systems with a virus? How would you feel if not using SELinux saves your work from being inadvertently destroyed? That is why it exists, so stupid people don't do stupid things. Again, you are free to do what you like as long as it will not affect others. Now, if you are trying to do something that you SHOULD be able to do, and SELinux will not let you, the SELinux people need to know about this and provide either a permanent solution or a work-around. They should not allow you to do stupid stuff with your system when it is on-line and connected to the Internet or any other type of network. James McKenzie -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
