How best get rid of SELinux?
Alan M. Evans
fedoralist at alanevans.org
Mon Sep 24 21:40:08 UTC 2007
On Mon, 2007-09-24 at 15:58 -0500, Mike McCarty wrote:
> Because SELinux is not a "thing", it is a way of writing apps.
No, no no! How many times does this have to be explained?
Applications don't need to know anything about SELinux in order to be
under its purview. Only applications that need to interact with SELinux
in some way need to know about it. I can easily write a program that
tries to open a forbidden resource and SELinux can most easily prevent
it despite that my application only #includes stdio.h and knows nothing
of the hidden hand that blocks it.
More information about the users