On 13/07/10 15:47, Tomasz Torcz wrote: > On Tue, Jul 13, 2010 at 03:11:44PM +0100, Christopher Brown wrote: >>> >>> As long as you give us a heads up we can prevent these types of blowups. >>> Since this policy is shared between yum, packagekit >> >> Whilst I appreciate your huge efforts to provide users with a more >> secure system, you need to realise that SELinux as it stands at the >> moment is utterly broken. As you clearly don't think this is the case, >> please spend some time in userland before beating on developers for >> not caring about this. > > > On the other hand, I cannot understand why packagers submit packages that > have no chance to work in default Fedora settings, with SELinux in Enforcing mode. Nobody I know enables SELinux. smolt says about half leave it enabled: http://smolts.org/static/stats/stats.html But I'm guessing a lot of experienced users/devs disable it given previous experiences... It's a bit of a catch 22 really. Personally I do momentarily enable to test but always disable because of _hundreds_ of errors in the applet thingy. Enabling in non enforcing mode causes a huge performance hit, causing for example the "do you want to kill" dialog to pop up when I try to quit firefox. cheers, Pádraig. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
