On Wed, 2008-07-02 at 17:13 -0400, Alan Cox wrote: > On Wed, Jul 02, 2008 at 04:37:48PM -0400, Jon Masters wrote: > > I wasted about 6 hours on Sunday evening[0] figuring out why an SELinux > > policy update in F9 had randomly stopped VPNC from working in a policy > > update - that came following days of denials trying to do even simple > > stuff. I can't possibly see how thrusting this default upon masses of > > otherwise unsuspecting users is a good idea. I'm not saying SELinux > > isn't a fantastic idea in certain cases, just not on "the desktop". > > The desktop is where it is most needed. Yes, in a perfect world in which policy and reality were so well aligned that everything just worked, all of the time. > But here is a silly question - why are you using vpnc if you turn SELinux off, > telnet would be faster too ? I didn't turn SELinux off. I'm forcing myself to use it in enforcing mode, and I will continue to do so. But I think it's absolutely nuts to expect the average Fedora desktop user to do so :) Jon. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
