selinux is a pain
Rahul Sundaram
metherid at gmail.com
Wed Sep 21 19:38:36 UTC 2011
On 09/20/2011 05:37 PM, Tom Horsley wrote:
> And, of course, the standard selinux policy files shipped with fedora
> have grown in the exact same fashion. The reason most folks don't have
> problems with selinux any longer is that all the quirks and foibles of
> all the programs shipped with fedora have gradually been added to the
> policy files, almost certainly without any of the intensive security
> reviews of the source which would make it marginally safe to allow
> those behaviors
You are wrong. Many issues were identified and fixed in the course of
writing these policies.
Rahul
More information about the users
mailing list