Additionally,
EVERY install I have done (and thats quite few) has it in Enforcing
mode by default unless you turn it off....
Not permissive, not disabled, but indeed without a shadow of doubt, in
"enforcing".
Don't cloud the issue with a fuzzy definition of what [you think]
default means, it doesn't do the discusssion justice.
"Default" has a fixed definition in the English language, and I have
already covered that.
And that really is the end of this thread I believe...
Johnny Hughes wrote:
>On Mon, 2005-11-21 at 14:15 +0000, Peter Farrow wrote:
>
>
>>The point was, as its very much beta quality, it should be up to the
>>user to ask for it, not have it dropped on them by default.
>>
>>Thats the point Brian was making, the essence of the reply to that was
>>"its not enabled by default because you can turn it off"
>>
>>Which is, as we all know, is a rather absurd statement....which had to
>>be remedied by, yes if you like, a pedantic reply, but a nonetheless
>>valid one...
>>
>>
>
>I disagree ... to me enabled by default would be like the core and base
>default packages .... they are turned on, and one can not turn them off.
>They are enabled by default, whether you need them or not.
>
>SELinux would be enabled by default if it were turned on that way.
>
>Also, even if your more liberal definition of "Enabled by default" is
>used ... what is enabled is the "permissive" mode - SELinux prints
>warnings instead of enforcing. There is an "Enabling" mode that must be
>specifically selected.
>
>So, why is no one complaining that LVM2 is enabled by default ... or
>that your C: drive is formatted by default?
>
>Because, you are expected to read and take action during an install.
>That includes whether or not you include a firewall or enable SELinux.
>
>
>>Craig White wrote:
>>
>>
>>
>>>On Mon, 2005-11-21 at 13:56 +0000, Peter Farrow wrote:
>>>
>>>
>>>
>>>
>>>>>>It is not enabled by default ... unless you mindlessly click through
>>>>>>
>>>>>>
>>>>"Default" means, unless you do something to specify otherwise it will be
>>>>this way,
>>>>
>>>>SElinux IS enabled by default, as doing an install without specifically
>>>>searching for it and changing it will result in it being enabled.
>>>>
>>>>http://isp.webopedia.com/TERM/D/default.html
>>>>
>>>>
>>>>
>>>>
>>>>screens without reading them.
>>>>
>>>>
>>>>
>But ... SELinux (at least in a mode that does anything) is not set to be
>enabled by default ... it is in permissive and not enabling.
>
>
>>>>
>>>>
>>>>
>>>>
>>>----
>>>you are being a bit pedantic here.
>>>
>>>Defaults, installation options, etc. are set by upstream provider.
>>>
>>>If someone were to simply click-through the install without
>>>customization, it would indeed be turned on as would a firewall without
>>>holes and no doubt in that event, said unthinking user would benefit
>>>
>>>
>>>from both.
>>
>>
>true
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>CentOS mailing list
>CentOS@xxxxxxxxxx
>http://lists.centos.org/mailman/listinfo/centos
>
>
