On Thu, 2008-04-24 at 12:48 +0200, Tomas Mraz wrote: > On Thu, 2008-04-24 at 06:23 -0400, Matthew Miller wrote: > > On Thu, Apr 24, 2008 at 11:01:15AM +0200, Tomas Mraz wrote: > > > > desktop centric and lacks generality. Some pieces are even close to be > > > > unusable outside of desktops (e.g. NM, PA, SELinux). > > > SELinux? You have to be kidding, aren't you? > > > > Show me an in-production server doing anything slightly out of the bounds of > > the expected, and I'll show you a machine with SELinux turned off. :) Come over here and I can show you mine ;) > That it is not yet super-easy to use SELinux on servers doesn't mean > that it is unusable. Well, my view is different: I think the approach current Fedora selinux-policies are based on is flawed by design and can hardly be made functional for a very small subset of configurations. ATM, to me, this subset of configurations is a standalone, single user desktop. > It is perfectly possible to use it on most servers > but it of course requires some effort from the sysadmin to learn it. May-be true, may not be true - Future may tell, we will see. At the moment, to me, the effort related to getting SELinux working in a network by far outweighs SELinux potential benefits. Ralf -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
