On Fri, 2008-04-25 at 18:04 +0200, Matej Cepl wrote: > On Thu, 24 Apr 2008 13:39:07 +0200, Ralf Corsepius scripst: > > selinux-policies are based on is flawed by design and can hardly be made > > functional for a very small subset of configurations. > > > > ATM, to me, this subset of configurations is a standalone, single user > > desktop. > > Do I understand you correctly that you are claiming that SELinux cannot be > used with single user desktop? Sorry, there had been a couple of ugly typos in my mail above. It should have read: <correction> I think the approach current Fedora selinux-policies are based on, is a flawed design and can hardly be made functional BUT for a very small subset of configurations. ATM, to me, this subset of configurations is a standalone, single-user desktop. </correction> I meant to say: I think the approach behind Fedora's selinux-policies hardly fit anywhere except of standalone single-user desktop setups and will likely never reach a point of being suitable anything else because of its design. > If I wasn't writing it on one and haven't > other (even notebook) in my bag, both with SELinux on (most of the time in > the Enforcing, now in the Permissive because developing some policy > module, and it is not finished yet), well, if not that, than I would > believe you. Ralf -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
