On 05/18/2011 09:58 PM, "Jóhann B. Guðmundsson" wrote: > On 05/18/2011 03:57 PM, Adam Williamson wrote: >> Feedback please! Thanks:) > Given that we ship selinux on by default should this proposal only be > applicable to exploits/vulnerability that selinux cant catch and prevent > which leaves us with <insert type of exploits here )? No. SELInux (or firewall) is not a first line of defense. These get turned off by some users and we need to be sure we aren't relying on them solely. If there are important security issues, they should be fixed before release regardless of whether SELinux would mitigate them or not Rahul -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
