SELinux last straw
Les Mikesell
lesmikesell at gmail.com
Wed Oct 17 16:22:49 UTC 2007
Arthur Pemberton wrote:
>>>> SELinux may
>>>> APPEAR to be the root cause of all your problems. But it may only be
>>>> part of a chain reaction rooted somewhere else on your system.
>>>> SELinux may not be the cause, but perhaps the messenger, the visual
>>>> cue, the "chain" that you've now developed tunnel vision for and blame
>>>> for everything.
>>>>
>>> Turn off SELinux and you may actually be simply medicating the
>>> symptoms, not treating the root cause.
>> Yes, but there doesn't seem to be an exact science here, with weekly
>> updates being needed that break some things for some people...
>
> We have no evidence of that, at least not in the general fedora list.
> Maybe in the fedora-testing list.
Umm, OK... I guess this thread doesn't exist.
>> I think there is a good argument for understanding and using the simple
>> traditional unix security mechanisms that have served well for the last
>> 30 years until SELinux is stabilized to a point that it doesn't cause
>> surprises - especially if you run things that aren't included in the
>> distribution.
>
> Please don't start this crap again.
I'll stop it when there is a methodology for someone to solve the kind
of problem that Karl reports. With traditional unix security a few
simple checks can determine the status and any similar problem reported
to this list would have an immediate response with the fix or a test to
identify the problem. With this, we not only do not have an answer, in
the months this thread has continued, not only is there not a fix, no
one has produced a diagnostic test to even identify the issue.
How are you supposed to determine the 'correctness' of a given setup?
--
Les Mikesell
lesmikesell at gmail.com
More information about the users
mailing list