On Thu, 2008-01-17 at 08:15 +0100, Valent Turkovic wrote: > I believe that SELinux it too raw for > general purpose desktop. Give it a year or two to mature and maybe > then. Were you not a Fedora user during the FC2 and FC3 introduction of SELinux? SELinux is exceedingly mature, especially compared to some of the rest of the software we provide. What it does is complex and crucial. The only way to make it better is to run it, report the few problems that occur, and get them fixed. Meanwhile, covering >1500 applications with solid policy is a good thing, no matter what. After all, the last thing we need is a live media desktop edition that has SELinux disabled, then a vulnerability is discovered in the live media that allows an attacker to root the box. Since there is no SELinux to limit root privileges, we have an unknown number of live media discs out there, no way to update them, waiting to make bad news for the user and the Fedora Project. I think Michael Tiemann said it best: "SE Linux--a great open source success story" http://opensource.org/node/240 Michael is not talking about a future success story but one that has been successful for a few years already. - Karsten, who will never forget FC2/FC3 SELinux introduction ... -- Karsten Wade, Developer Community Mgr. Dev Fu : http://developer.redhatmagazine.com Fedora : http://quaid.fedorapeople.org gpg key : AD0E0C41
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
