I completely agree. Remember that the default policy is "Targeted", which means that it targets controls/apps that allow your pc to share internal info with the outside world. This kind of added protection is always a good thing. It is important to remember that Red Hat made the decision long ago to distribute SE Linux, not Linux. Even if they were to foray into desktop sales again, they would do so with SE Linux, not Linux. It is the future be it server or desktop.Michael A. Peters said: [snip]
But there are still imho too many cases where it gets in the way of what the desktop user wants to do for me personally to recommend it to desktop users. You can see this in posts on the test list. Some of that may be user error, but it still gets in the way sometimes. Maybe by FC4.
Most of the posts to the test list about SELinux lately have been about httpd issues (serving from users home directories, cgi scripts, etc.). I would argue that the average "desktop" system wouldn't have those issues.
SELinux makes just as much sense on the desktop, because it is another layer of permissions to keep you from making a mistake that will break things.
Craig
-- -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.2.5 (GNU/Linux)
mQGiBECyQJQRBACLIa2u3u3/F8Pm+g5QD4K8eCgIC6RX1oXmtI9ALe9NhbNDZrcy hYhInCwCifi1zhxZZ/Xu4zyavk8n96USoXylfVg2hAM/P3qLarbqMDvfVPyjtUFd 8lg+NV4SgJ1F0jtqebrXu76AjCIBmLybQ1BYMTWDxB4xSW8lYlJT9+/QDwCg3f0z 9knFKiyZbzp4gpJvl4wH8lMD/0iB5t4VQr0jkQ1R1nVFx8sL9DwDogJZ0SJHnHrq fiBb+rx4lCLyz00VHlxxNSFsYRnpmefqC4ywfFnyQ9WpVxt3sqJ18ncxW04X3+cc DHLwqLdW2IKjT9CY4buDqyV8dcOdvYbHR1qQ1dcecYq9fyGHlHYCOr2X5frAmRF4 RcoRA/4oBXGKFhf2Q5ptguLHOce/2pzt2qoEL37IbSEATd2sjYE+HsDANzk+WXo9 j4Cwwepio9JOJ1kQXeVo7D07HIIZyJuk/RAIh1ztQALk0sFFj2SPiurcRpze4gH0 sn//CwlzY0swWaEoV0Jd/hALDvJvRQ+WZ+SVfJ5vfFKlGCowfrQxQ3JhaWcgU2hl cndvb2QgKFByaW1hcnkgS2V5KSA8Y3MwMDdsakB3b3d3YXkuY29tPoheBBMRAgAe BQJAskCUAhsDBgsJCAcDAgMVAgMDFgIBAh4BAheAAAoJEOl3KJXc2eK43coAoIC+ wnag2QF02yUMshL5jI4jyywbAJ4yDt9aacCfwTVPNXkkoU9kamjwZbkCDQRAskCp EAgA8PmuinHlAukukL99OvbZ+eQusvrPACuvOxgNr8seDiJ1OTI5XfrUjgbJHNV2 K6x69vyui3j3BIKjyo1nq/AY6qrl4R39XuDylnvLr/I7P2tuUHDjy831E+S0suCz bEhRPxv42BnLkZP0ZdQteQn/bvDAHDJ0hMl21lau4PqU/sjQ7/yTGTUVGQhRQD1p 8RLbcnSsNbVrQvymBOLfzAC/jZn3EQ4pEm2qMrNXM4IRpcDrrOpkoMYyuBs4JkJ6 0jpZ9SVabCZU3ceGGs8JrB4Sdm9omHKeIrBzCs5QnyYVVCY//bJTAp7inLYYRj6g MmmLY4v35UXiCNmYfDYtYvLPFwAEDQgAz1aOHCkni2Vc62DIJJiYy9dQ+ZNxJH4y QBVAJ69HFLHwTfDpyIHCedKwQnTc/wFYghtypXCJkyBE1AsQispArtux2gXADc9C y6MR3pdOfCBNPf9152oNTYwaPFzUIm/OJfhyxT1gHRuGjb2F697YnlVEP5SKA7E5 FeaZcg+d9FtBH/BUYpXzWvvE4mh3mfDJ/qwRJpK4qjhZncNSoiT7ZjX8LaNtvkK6 aYQczNYV36pPGAe2GZ3MNWxtOYjLZJvmUw76ARPZn7Rt1jYdbXZJ3C0H+0BPEg+e 1MsA3z3xO7Y+20fQLBqQC+sUyQWzURv+sme3go7A4/XnfP35OzCnAohJBBgRAgAJ BQJAskCpAhsMAAoJEOl3KJXc2eK4WTQAnRX+0D+aIUSLYQ18xtqKUPQQQyphAJ0Z WmPi4ubVkt7NDFm0rIVJza2IRQ== =NGxD -----END PGP PUBLIC KEY BLOCK-----
Attachment:
signature.asc
Description: OpenPGP digital signature
