[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SELinux Suggestion



On 09/21/2007 09:20 PM, Patrick Wiseman wrote:
On 9/21/07, Mumia W.. <paduille.4061.mumia.w+nospam@earthlink.net> wrote:
On 09/21/2007 05:36 PM, Manoj Srivastava wrote:
On Fri, 21 Sep 2007 00:14:29 -0500, Mumia W
<paduille.4061.mumia.w+nospam@earthlink.net> said:

I concur. From what I've read, selinux seems complicated and
Linux-contorting enough to be placed at Debian's periphery--if not
outside of the perimeter altogether.
        I am trying to make SELinux disappear -- back into the guts of
 the OS where it belongs; and not impinge on end users.  The  mechanism
 is deeper integration, not a kludgey superficial hackkery that causes
 most of the problems you see.

        manoj
Why is selinux in Debian at all?

Have any users asked for it?


I, for one, would specifically ask that it NOT be a standard feature, so
please, if it's to be offered at all, make it optional.  I would hate one
day to find, after doing my routine updating of my testing system, to find
that functionality had been sacrificed to security (which has been my
experience with SELinux on RedHat systems at work).

Patrick


(Redirected to the list.)

Read the other messages in the thread. If Debian supports SElinux, important, core system libraries must be built with SElinux support.

There is no option to make SELinux optional. Discussion centers around how visible it will be.



Reply to: