On Thu, Jan 20, 2011 at 01:51:03 +0200, Kostas Sfakiotakis <kostassf@xxxxxxxxxxxxxxx> wrote: > > A small comment here , actually SELinux is an NSA invention which > is supposed to provide extra security to your system by controlling > everything and everyone . selinux is a mandatory access control system. This is needed to prevent hostile code from doing things on your behalf that it shouldn't. If you really don't want that protection run selinux in permissive mode. > Since i started this thread , let me clarify something . All i was > trying to do was to open a pdf file simple as that and i do believe > that on my computer am pretty much entitled to do so . selinux access takes precedence over root access. Though as delivered, root can set selinux to permissive mode to get around that. If you really want protection when running as root, you'd at least need to turn that setting off. (Then you'd need to reboot to change the setting.) You also need to have root logins use a more restrictive role when logging in. Otherwise there a lot of ways to subvert the system. > Well i was logged in as root at the momment . What am i supposed to do ?? > Logout and login back again just to run Acrobat Reader ????? I do > believe that would be an overkill . Personally, I'd recommend not using acrobat reader. PDFs are more like executable programs than documents. So besides having to worry about bugs in acrobat reader (of which there have been plenty with security implications), you have to worry about valid PDFs doing things to your system or with your pre-existing data that you don't want. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
