On 9/21/07, Mumia W.. <paduille.4061.mumia.w+nospam@earthlink.net> wrote:
On 09/21/2007 05:36 PM, Manoj Srivastava wrote:
On Fri, 21 Sep 2007 00:14:29 -0500, Mumia W
<paduille.4061.mumia.w+nospam@earthlink.net> said:
I concur. From what I've read, selinux seems complicated and
Linux-contorting enough to be placed at Debian's periphery--if not
outside of the perimeter altogether.
I am trying to make SELinux disappear -- back into the guts of
the OS where it belongs; and not impinge on end users. The mechanism
is deeper integration, not a kludgey superficial hackkery that causes
most of the problems you see.
manoj
Why is selinux in Debian at all?
Have any users asked for it?
I, for one, would specifically ask that it NOT be a standard feature, so
please, if it's to be offered at all, make it optional. I would hate one
day to find, after doing my routine updating of my testing system, to find
that functionality had been sacrificed to security (which has been my
experience with SELinux on RedHat systems at work).
Patrick