Re: Request to re-add option to disable SELinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2008-07-03 at 04:29 -0400, Alan Cox wrote:

> Sorry if I sound fed up of all of this but I spent 9 months fighting people
> years back to get firewalling enabled by default, and that had all the same
> arguments. Today nobody (even Microsoft) would propose otherwise.
> 
> This is the same thing ..
> 
> As to Setroubleshoot it would be nicer if it spoke more "end user" ese and
> could prompt/fix common mislabelling (eg html files)

I agree with Alan here, that if selinux is indeed a great program to
help secure the OS and anything else, it at least needs to be a LOT more
user friendly.  

Ok, don't give me this MS to linux compare bit on what I am comparing
next, it's the comparing of wording and concept it's done in, not
details and stuff LOL.  Anyway, Vista came out with that (I forget the
damn program name) program that when certain programs/files run, you get
a dialog box that you have to continue (to allow it to run) or cancel.
Now, no this isn't exactly the same, but it is in a way.  They both
provide a little better security than with out it.  BUT, in Vista, the
user doesn't have to relabel something, or go to the CLI, or whatever.
They get a little question stating this program wants to run, do you
give it permission.  That's it, nothing else (might not like that dialog
all the time though, I am sure).  And that is what I am trying to say
for selinux, that it needs to allow things to do what they need, and if
not, a simple little question or whatever to allow it.  The user should
NOT have to go to the CLI for anything.  They shouldn't have to do this
command or that command, JUST HIT YES OR NO!!

Well anyway, not ranting or raving.  Just trying to maybe help clarify
what Jon was talking about, and what Alan was saying.  SELinux I am sure
is a wonderful thing, and just needs to be I guess, dumbed down or
whatever so the user clearly understands what it is doing or not doing
and to present the user with simple to do questions/answers/buttons or
whatever to push/answer.

-- 
Mike Chambers
Fedora Project - Ambassador, Bug Zapper, Tester, User, etc..
mikec302@xxxxxxxxxxxxxxxxx

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux