On Tue, 2004-04-06 at 12:23 -0700, Jesse Keating wrote: > On Tuesday 06 April 2004 12:25, Stephen Smalley wrote: > > I'd encourage you to read the paper available from > > http://www.nsa.gov/selinux/papers/inevit-abs.cfm. Quite independent > > of any argument about enabling/disabling SELinux by default for FC2, > > just a case that flexible MAC is important even for the desktop. > > I don't discount that it's 'important'. I doubt whether or not end > users are prepared to deal with SELinux for their every day use > computer. I REALLY question the ideology of forcing it down users > throats (by making it the default) in a Fedora Core release. I worry > that it will be very counterproductive to industry acceptance of Fedora > Core as a remotely usable distribution. > This thread helps confirm my predictions as to what will happen with the Fedora Core 2 release. We've seen this sort of thing in times past with various Red Hat releases. It will go something like this: 1) Fedora Core 2 released with SE Linux support 2) Various user groups complain loudly with quotes such as: "Red Hat has finally done it, I'm switching to Gentoo!" "Red Hat doesn't care about the end user" "Debian is where it's at" "KDE Rulez!" "I'm never going to buy a Red Hat product again" "RH is conspiring with NSA to spy on us!" 3) Various other distros will be incorporating SE Linux and within a years time, all major distros will ship with SE Linux functionality Look at times past that we have seen RH incorporate a "bleeding edge" functionality into the core to much criticism, only to prove that they were really just leading the charge. Going way back, we have the great glibc2 migration. Everybody wanted to go there, nobody did because it was such a massive change. Who remembers libc5 these days? The gcc 2.96 debacle. OK, so it may have not been the best decision but gcc was really stuck at the 2.95 series for eons. Now there are new gcc releases every few months. How about BlueCurve? RH's attempt to kill KDE and take over the project. I think they may have even hired hitmen to take out all of the KDE developers. Boy, that sure killed the desktop on Linux by blurring the lines didn't it... Hmm, seems like some other distros have started doing this as well. I don't know about you, but I can't stand it when all of my apps look the same... For those of you out there that are really concerned with SE Linux, be patient. Maybe skip FC2 until the bugs get worked out. If you have some non-critical or test systems, throw it on there and try things out. Report bugs so they can get fixed. It will be alright. In the end, you will be more better off than you will ever know. If you don't want to see such garbage hitting Linux as SQL Slammer, Nimda, CodeRed, Nachia, etc etc etc, SE Linux will be a great step towards preventing it. -- David T Hollis <dhollis@xxxxxxxxxxxxxx>
