On Fri, 2008-12-12 at 06:21 -0500, Leam Hall wrote: > So far I've avoided the issue by turning SELinux off. While I think > SELinux is a great idea for advanced users and servers it seems to make > new user transitions difficult. > > I wonder if making SELinux default to "disabled" if the install selects > the Desktop/Office Suite group makes sense? Absolutely not. People seem to have this notion that SELinux will only help servers and advanced workstations, where in fact, the situation is exactly the opposite. Desktop installations are in greatest need of the protections afforded by SELinux. First, I think it is safe to say that server software developers are generally far more mindful of security in their development cycle than are those of desktop software. All of those potentially unchecked buffers in the gobject code of gnome are a rather frightening prospect (although the fact that they run as an unprivileged user makes this a little more bearable). An inexperienced (i.e. typical) desktop user pays little heed to the content of what they download, will trust just about anything that comes to their inbox, and will generally inadvertently do their best to break the security of their system. For this reason, SELinux is extremely important in the common desktop case. Finally, these users generally have the most main-stream workflows (e.g. Internet, email, and word processing) and thus are some of the least likely to break SELinux. I believe that maintaining a usable SELinux infrastructure is absolutely critical to the long-term security of the Linux desktop. If and when we begin to represent an appreciable user base, there will be no shortage of people seeking to test our security, but these won't be nearly as innocuous as the code reviewers who currently catch our security holes. For this reason, the second layer of protection provided by SELinux is crucial. - Ben -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list
