On 09/21/2007 05:36 PM, Manoj Srivastava wrote:
> On Fri, 21 Sep 2007 00:14:29 -0500, Mumia W
> <
paduille.4061.mumia.w+nospam@earthlink.net> said:
>
>> I concur. From what I've read, selinux seems complicated and
>> Linux-contorting enough to be placed at Debian's periphery--if not
>> outside of the perimeter altogether.
>
> I am trying to make SELinux disappear -- back into the guts of
> the OS where it belongs; and not impinge on end users. The mechanism
> is deeper integration, not a kludgey superficial hackkery that causes
> most of the problems you see.
>
> manoj
Why is selinux in Debian at all?
Have any users asked for it?
I, for one, would specifically ask that it NOT be a standard feature, so please, if it's to be offered at all, make it optional. I would hate one day to find, after doing my routine updating of my testing system, to find that functionality had been sacrificed to security (which has been my experience with SELinux on RedHat systems at work).
Patrick