SELinux removed from desktop cd spin?

[Karsten 'quaid' Wade]

On Thu, 2008-01-17 at 08:15 +0100, Valent Turkovic wrote:

> I believe that SELinux it too raw for 
> general purpose desktop. Give it a year or two to mature and maybe
> then.

Were you not a Fedora user during the FC2 and FC3 introduction of
SELinux?

SELinux is exceedingly mature, especially compared to some of the rest
of the software we provide.

What it does is complex and crucial.  The only way to make it better is
to run it, report the few problems that occur, and get them fixed.

Meanwhile, covering >1500 applications with solid policy is a good
thing, no matter what.

After all, the last thing we need is a live media desktop edition that
has SELinux disabled, then a vulnerability is discovered in the live
media that allows an attacker to root the box.  Since there is no
SELinux to limit root privileges, we have an unknown number of live
media discs out there, no way to update them, waiting to make bad news
for the user and the Fedora Project.

I think Michael Tiemann said it best:

"SE Linux--a great open source success story"

http://opensource.org/node/240

Michael is not talking about a future success story but one that has
been successful for a few years already.

- Karsten, who will never forget FC2/FC3 SELinux introduction ...
-- 
Karsten Wade, Developer Community Mgr.
Dev Fu : http://developer.redhatmagazine.com
Fedora : http://quaid.fedorapeople.org
gpg key : AD0E0C41

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20080117/97e26a7f/attachment-0002.bin