On Tue, 2012-08-07 at 07:54 -0400, John Aldrich wrote: > With respect to SELinux... I really have no idea whether it's > currently enabled, enabled in "permissive" mode or disabled (I *think* > it may be in "permissive" mode, but I wouldn't swear to it.) However, > I got to thinking... it needs to be set up more like an antivirus > program, i.e. smart enough to recognize what is there and act > accordingly. Generally speaking, it is. Warnings are either faults with the rules, or the applications doing things that they shouldn't, which do get amended. Or warnings that you're doing something is wrong on your computer, and that needs fixing (e.g. you're trying to access files where you shouldn't - such as webserving from non-standard locations). I can't say that I've ever had a SELinux alert while trying to do something normal, such as read a file or write one, in my homespace. I have seen alerts such as applications wanting carte blanche do whatever they feel like on the file system, when that's clearly a bad idea. So, corrections get made to those programs to not request things they shouldn't do. Or modifications to rules to allow some things a bit more access than default, but not carte blanche. Usually stupid errors with commonly used applications get discovered and fixed quite quickly. It's when users do something less common that /they/ will probably have to be the one to make a bug report. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
