On Mon, 2005-11-21 at 14:45 +0000, Peter Farrow wrote:
> Additionally,
>
> EVERY install I have done (and thats quite few) has it in Enforcing
> mode by default unless you turn it off....
> Not permissive, not disabled, but indeed without a shadow of doubt, in
> "enforcing".
You may be right about in "Enforcing" mode, I have done more than a
thousand CentOS installs, and I thought the default was "Permissive" ...
I'll actually have to check and see.
>
> Don't cloud the issue with a fuzzy definition of what [you think]
> default means, it doesn't do the discusssion justice.
>
> "Default" has a fixed definition in the English language, and I have
> already covered that.
>
> And that really is the end of this thread I believe...
>
>
>
> Johnny Hughes wrote:
>
> >On Mon, 2005-11-21 at 14:15 +0000, Peter Farrow wrote:
> >
> >
> >>The point was, as its very much beta quality, it should be up to the
> >>user to ask for it, not have it dropped on them by default.
> >>
> >>Thats the point Brian was making, the essence of the reply to that was
> >>"its not enabled by default because you can turn it off"
> >>
> >>Which is, as we all know, is a rather absurd statement....which had to
> >>be remedied by, yes if you like, a pedantic reply, but a nonetheless
> >>valid one...
> >>
> >>
> >
> >I disagree ... to me enabled by default would be like the core and base
> >default packages .... they are turned on, and one can not turn them off.
> >They are enabled by default, whether you need them or not.
> >
> >SELinux would be enabled by default if it were turned on that way.
> >
> >Also, even if your more liberal definition of "Enabled by default" is
> >used ... what is enabled is the "permissive" mode - SELinux prints
> >warnings instead of enforcing. There is an "Enabling" mode that must be
> >specifically selected.
> >
> >So, why is no one complaining that LVM2 is enabled by default ... or
> >that your C: drive is formatted by default?
> >
> >Because, you are expected to read and take action during an install.
> >That includes whether or not you include a firewall or enable SELinux.
> >
> >
> >>Craig White wrote:
> >>
> >>
> >>
> >>>On Mon, 2005-11-21 at 13:56 +0000, Peter Farrow wrote:
> >>>
> >>>
> >>>
> >>>
> >>>>>>It is not enabled by default ... unless you mindlessly click through
> >>>>>>
> >>>>>>
> >>>>"Default" means, unless you do something to specify otherwise it will be
> >>>>this way,
> >>>>
> >>>>SElinux IS enabled by default, as doing an install without specifically
> >>>>searching for it and changing it will result in it being enabled.
> >>>>
> >>>>http://isp.webopedia.com/TERM/D/default.html
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>screens without reading them.
> >>>>
> >>>>
> >>>>
> >But ... SELinux (at least in a mode that does anything) is not set to be
> >enabled by default ... it is in permissive and not enabling.
> >
> >
> >>>>
> >>>>
> >>>>
> >>>>
> >>>----
> >>>you are being a bit pedantic here.
> >>>
> >>>Defaults, installation options, etc. are set by upstream provider.
> >>>
> >>>If someone were to simply click-through the install without
> >>>customization, it would indeed be turned on as would a firewall without
> >>>holes and no doubt in that event, said unthinking user would benefit
> >>>
> >>>
> >>>from both.
> >>
> >>
> >true
> >
> >
> >------------------------------------------------------------------------
> >
> >_______________________________________________
> >CentOS mailing list
> >CentOS@xxxxxxxxxx
> >http://lists.centos.org/mailman/listinfo/centos
> >
> >
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.centos.org/pipermail/centos/attachments/20051121/148950cd/attachment.bin
