Drawing lessons from fatal SELinux bug #1054350

Sérgio Basto sergio at serjux.com
Fri Jan 24 04:18:17 UTC 2014

On Sex, 2014-01-24 at 00:55 +0100, Kevin Kofler wrote:
> So, what needs to happen:
> * SELinux must be disabled (or preferably, not installed in the first
> place, 
> to avoid wasting space for nothing) by default! Just consider the
> benefits 
> (none!) vs. the risks (what you are seeing now: bricked systems in
> both F20 
> and Rawhide, the users switching to other distributions). If we want
> to have 
> any users left, SELinux needs to go away NOW!

TBH: I always disable selinux , and yes, I vote on SELinux not be
install by default, not necessarily remove it.

> * The Update Policies must be repealed. This regression has shown us
> that 
> not only they totally failed at preventing it, but they are actively 
> contributing to exposing MORE users to broken updates by delaying
> regression 
> fixes. (This kind of regression fixes needs to go out DIRECTLY to
> stable!)

Also agree, this critical packages should go directly to stable and or
we should be able to revoke it.

Best regards,
Sérgio M. B.

More information about the devel mailing list