On Mon, Jul 7, 2008 at 10:28 AM, max <maximilianbianco@xxxxxxxxx> wrote: > Denis Leroy wrote: >> >> max wrote: >>> >>> Denis Leroy wrote: >>>> >>>> max bianco wrote: >>>>> >>>>> Can an option to completely disable the ability to disable SELinux be >>>>> added? I'd rather there was no way to turn it off at all. >>>> >>>> that doesn't make *any* sense >>>> >>> It make as much sense as the rest of this thread and what it proposes. >>> Yes I realize this is extreme but no more extreme in my view than disabled >>> by default or offering the option at install time. There is already a way to >>> disable it if you know enough and if you don't then you need it on anyway. >>> For crying out loud my girlfriend uses Fedora, her use is much closer to >>> average than any of the rest of us and SELinux has *never* caused her a >>> problem. My mother, as computer illiterate as they come( no disrespect >>> intended Mom) does not have any problems. This conversation is pointless, I >>> see a hundred posts about people complaining about people discussing things >>> like the GPL on a developer's list, a subject quite relevant in my view, but >>> when the idea of disabling practically the only security present on the >>> system is brought up , it actually gets entertained? Disable it?!?What?!? It >>> seems to me that entirely too many people have their priorities seriously >>> out of whack. >> >> you are COMPLETELY missing the point. In some context, security is >> irrelevant. Like that Fedora system we use in our lab at work for bringup >> testing: it doesn't even have a network card. >> > > The last time I looked a computer without internet access is completely > useless to the average user. What do you think the majority of people are > doing with their computers? playing solitaire? No network card is not the > norm. Anyway what's to stop some disgruntled employee from quietly loading a > program onto your test box that will have you scratching your head for days > because you can't imagine what might be wrong. I think you have missed my > point, probably because I failed to express it adequately so I will drop > it. This insanity isn't worth discussing anyway. I like SELinux due to the fact that is has personally saved my sorry ass at least once. However, I feel that users should be given the opportunity to disable SELinux at will. In my case, I disable SELinux on my firewalled, natted desktop. -- Fedora 7 : sipping some of that moonshine ( www.pembo13.com ) -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
