On Thu, 2005-03-31 at 02:15 +0100, Timothy Murphy wrote: > Stephen Smalley wrote: > > >> Will I be able to turn off selinux under FC-4 ? > >> > >> Life is hard enough without inventing problems ... > > > > You should always be able to turn it off during the install or > > subsequently using system-config-securitylevel. No plans to change that > > AFAIK. But I'm not sure what you mean by the latter statement. > > While selinux is probably important for big systems, > I don't think it offers much for a home user like myself. > It's possible, I suppose, that someone might get through my firewall > (shorewall) but it doesn't seem very likely, > as I don't run any services visible from outside. The real threat for your kind of system has always really been flaws in programs like firefox, movie players, image loaders, etc., not network daemons. While it's true that in Fedora right now the targeted SELinux policy does not confine those programs, in the future it will. Disabling it now will also disable the protection we will add in the future. For a home user system you're not likely running Apache HTTPD, so I don't see why you have trouble with the current policy anyways.
