2011/4/6 Tom Gundersen <teg@xxxxxxx>: > On Thu, Apr 7, 2011 at 6:46 AM, Thomas S Hatch <thatch45@xxxxxxxxx> wrote: >> On Wed, Apr 6, 2011 at 4:32 PM, Heiko Baums <lists@xxxxxxxxxxxxxxx> wrote: >> >>> Am Wed, 6 Apr 2011 16:25:42 -0600 >>> schrieb Thomas S Hatch <thatch45@xxxxxxxxx>: >>> >>> > As for adding SELinux support in base but keeping it turned off by >>> > default, +1 >>> >>> Then you mean adding it to [core]. (base) is supposed to be installed >>> on every system. And SELinux is definitely not necessary for a minimal >>> base Linux installation. >>> >>> Heiko >>> >> >> SELinux is a compile flag in the kernel and base utils, it is not required >> for a minimal system, but just adding the compile flags is a minor change >> and makes setting up more secure systems a possibility. >> >> I think that the only reason it is omitted is because most people are >> horrified by it, but if it is disabled by default then it is off and no one >> need know that support is compiled in. > > I would just like to chime in and point out that if we want to allow > selinux, then we would need someone committed to supporting it. I have > never used it myself, but from what I hear it would need to be > supported by things like initscripts to be used properly. If such > support can be added elegantly and securely then I am not opposed to > it. > > Cheers, > > Tom > I personallly dislike SELinux, so -1 -- Angel Velásquez angvp @ irc.freenode.net Arch Linux Developer / Trusted User Linux Counter: #359909 http://www.angvp.com