On Jan 16, 2008 9:03 PM, Daniel P. Berrange <berrange@xxxxxxxxxx> wrote: > On Wed, Jan 16, 2008 at 08:57:56PM +0100, Valent Turkovic wrote: > > Hi, > > I believe that SELinux is a great linux server security hardening tool > > but that has little use in desktop linux usage and it confuses > > ordinary desktop users. > > It is of great use in a desktop spin. On my 'desktop' install for my > laptop I have many many system daemons running under a confined domain You, of course, will always have the ability to choose to install it and use it. > > If it hasn't been discussed before I would like to propose that on > > desktop cd spin SELinux is not installed by default, of course after > > discussion and approval from you (fedora devels). > > No. SELinux provides very real & important protection for desktop users. Can you give me examples of this protection over fedora 9 without SELInux or with SELinux in permissive mode? I'm a desktop user and I personally don't see any benefit. It actually prevented me in using multimedia on fedora 8 desktop (I filed a bug). I believe it is more of a nuisance (constant alerts) for average desktop users. Advanced users always have an option to install and use SELinux if they need it. Cheers, Valent. -- http://kernelreloaded.blog385.com/ linux, blog, anime, spirituality, windsurf, wireless registered as user #367004 with the Linux Counter, http://counter.li.org. ICQ: 2125241, Skype: valent.turkovic -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
