max wrote:
Denis Leroy wrote:
max bianco wrote:
Can an option to completely disable the ability to disable SELinux be
added? I'd rather there was no way to turn it off at all.
that doesn't make *any* sense
It make as much sense as the rest of this thread and what it proposes.
Yes I realize this is extreme but no more extreme in my view than
disabled by default or offering the option at install time. There is
already a way to disable it if you know enough and if you don't then you
need it on anyway. For crying out loud my girlfriend uses Fedora, her
use is much closer to average than any of the rest of us and SELinux has
*never* caused her a problem. My mother, as computer illiterate as they
come( no disrespect intended Mom) does not have any problems. This
conversation is pointless, I see a hundred posts about people
complaining about people discussing things like the GPL on a developer's
list, a subject quite relevant in my view, but when the idea of
disabling practically the only security present on the system is brought
up , it actually gets entertained? Disable it?!?What?!? It seems to me
that entirely too many people have their priorities seriously out of
whack.
you are COMPLETELY missing the point. In some context, security is
irrelevant. Like that Fedora system we use in our lab at work for
bringup testing: it doesn't even have a network card.
some people thing that criticizing SELinux installation policy (not
SELinux itself mind you, which is a useful thing) == saying "security is
not important". This is ridiculous.
The only scenario I can think of where SELinux disabled installation
would be forcefully prohibited would be, say, a custom Fedora spin
targeted at employees or students where you don't want some smart guy to
disable it (because that would mean your job)...
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
