Forward looking to FC2 final and SELinux
Alan Cox
alan at redhat.com
Wed Apr 7 01:50:50 UTC 2004
On Tue, Apr 06, 2004 at 06:44:50PM -0700, Jesse Keating wrote:
> I'm thinking of this as a person who has to provide end user support for
> these releases, as well as somebody who is involved in writing books for
> these releases. I really need the distro to be usable, and desireable.
>
> So, I'd really appreciate any comments that go toward why the SELinux
> choice in Anaconda should default to enabled. Valid reasons. Please.
Because if the default loose rules are right then normal users simply wont
be aware of SELinux expect as something that appears in security errata
notes as "SELinux users are not affected"
Its no different to the argument about default firewall rules. Nowdays
nobody argues with them, but at the time I got some quite interesting flames
about defaulting to firewalling on and it breaking a tiny number of peoples
bits of software.
Ditto sendmail without tcp listener by default - although that so needs a
better config tool.
Alan
More information about the devel
mailing list