On Fri, 12 Nov 2004 08:54:19 -0500, Craig <cs007fc@xxxxxxxxxx> wrote: > William Hooper wrote: > > > > Michael A. Peters said: > > [snip] > > > >>But there are still imho too many cases where it gets in the way of > >>what the desktop user wants to do for me personally to recommend it to > >>desktop users. You can see this in posts on the test list. Some of that > >>may be user error, but it still gets in the way sometimes. Maybe by FC4. > > > > > > Most of the posts to the test list about SELinux lately have been about > > httpd issues (serving from users home directories, cgi scripts, etc.). I > > would argue that the average "desktop" system wouldn't have those issues. > > > > SELinux makes just as much sense on the desktop, because it is another > > layer of permissions to keep you from making a mistake that will break > > things. > > > I completely agree. Remember that the default policy is "Targeted", which means that it targets > controls/apps that allow your pc to share internal info with the outside world. This kind of added > protection is always a good thing. It is important to remember that Red Hat made the decision long ago to > distribute SE Linux, not Linux. Even if they were to foray into desktop sales again, they would do so with > SE Linux, not Linux. It is the future be it server or desktop. > > Craig > > -- > -----BEGIN PGP PUBLIC KEY BLOCK----- > Version: GnuPG v1.2.5 (GNU/Linux) > > mQGiBECyQJQRBACLIa2u3u3/F8Pm+g5QD4K8eCgIC6RX1oXmtI9ALe9NhbNDZrcy > hYhInCwCifi1zhxZZ/Xu4zyavk8n96USoXylfVg2hAM/P3qLarbqMDvfVPyjtUFd > 8lg+NV4SgJ1F0jtqebrXu76AjCIBmLybQ1BYMTWDxB4xSW8lYlJT9+/QDwCg3f0z > 9knFKiyZbzp4gpJvl4wH8lMD/0iB5t4VQr0jkQ1R1nVFx8sL9DwDogJZ0SJHnHrq > fiBb+rx4lCLyz00VHlxxNSFsYRnpmefqC4ywfFnyQ9WpVxt3sqJ18ncxW04X3+cc > DHLwqLdW2IKjT9CY4buDqyV8dcOdvYbHR1qQ1dcecYq9fyGHlHYCOr2X5frAmRF4 > RcoRA/4oBXGKFhf2Q5ptguLHOce/2pzt2qoEL37IbSEATd2sjYE+HsDANzk+WXo9 > j4Cwwepio9JOJ1kQXeVo7D07HIIZyJuk/RAIh1ztQALk0sFFj2SPiurcRpze4gH0 > sn//CwlzY0swWaEoV0Jd/hALDvJvRQ+WZ+SVfJ5vfFKlGCowfrQxQ3JhaWcgU2hl > cndvb2QgKFByaW1hcnkgS2V5KSA8Y3MwMDdsakB3b3d3YXkuY29tPoheBBMRAgAe > BQJAskCUAhsDBgsJCAcDAgMVAgMDFgIBAh4BAheAAAoJEOl3KJXc2eK43coAoIC+ > wnag2QF02yUMshL5jI4jyywbAJ4yDt9aacCfwTVPNXkkoU9kamjwZbkCDQRAskCp > EAgA8PmuinHlAukukL99OvbZ+eQusvrPACuvOxgNr8seDiJ1OTI5XfrUjgbJHNV2 > K6x69vyui3j3BIKjyo1nq/AY6qrl4R39XuDylnvLr/I7P2tuUHDjy831E+S0suCz > bEhRPxv42BnLkZP0ZdQteQn/bvDAHDJ0hMl21lau4PqU/sjQ7/yTGTUVGQhRQD1p > 8RLbcnSsNbVrQvymBOLfzAC/jZn3EQ4pEm2qMrNXM4IRpcDrrOpkoMYyuBs4JkJ6 > 0jpZ9SVabCZU3ceGGs8JrB4Sdm9omHKeIrBzCs5QnyYVVCY//bJTAp7inLYYRj6g > MmmLY4v35UXiCNmYfDYtYvLPFwAEDQgAz1aOHCkni2Vc62DIJJiYy9dQ+ZNxJH4y > QBVAJ69HFLHwTfDpyIHCedKwQnTc/wFYghtypXCJkyBE1AsQispArtux2gXADc9C > y6MR3pdOfCBNPf9152oNTYwaPFzUIm/OJfhyxT1gHRuGjb2F697YnlVEP5SKA7E5 > FeaZcg+d9FtBH/BUYpXzWvvE4mh3mfDJ/qwRJpK4qjhZncNSoiT7ZjX8LaNtvkK6 > aYQczNYV36pPGAe2GZ3MNWxtOYjLZJvmUw76ARPZn7Rt1jYdbXZJ3C0H+0BPEg+e > 1MsA3z3xO7Y+20fQLBqQC+sUyQWzURv+sme3go7A4/XnfP35OzCnAohJBBgRAgAJ > BQJAskCpAhsMAAoJEOl3KJXc2eK4WTQAnRX+0D+aIUSLYQ18xtqKUPQQQyphAJ0Z > WmPi4ubVkt7NDFm0rIVJza2IRQ== > =NGxD > -----END PGP PUBLIC KEY BLOCK----- > > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list The more security the better, right? So is the answer to the original question ('do I need SELinux') ---- 'If you are running FC you are *already* running SELinux' ?? Q. If a person did a plain FCx install, are they already running SELinux or do they have to update their kernel ? Marc
