Re: SElinux

On Sun, 2006-04-02 at 08:04 -0700, Craig White wrote:
> More to the issue however, Linux is both a production and a
> participatory system where it is expected that a 'user' minimally
> participate in providing feedback so the product is improved and your
> suggestions above suggest that your decision to turn it off is formed
> by an arrogance that has others participating while you opt out.

Not everyone has the ability to debug every single thing that's wrong
with Fedora.  There comes a time when you look at what's more of a
problem to deal with, fixing the problem, stopping using something you
can't get to work, or stopping using something that's stopping you from
doing what you want to do.

I've had to give up fighting with SELinux on one machine, it just gets
in the way in far too many places, and is a completely user-unfriendly
system.  You've got extremely obscurely named contexts to set, and
they've all got to be done through the command line with woeful
documentation.  I've yet to see a GUI tool where you can list a
directory, or look at a file, and see that the file is web servable, or
whatever, or make one so that's not.  And the logging is bloody awful.

The targeted approach goes some way towards making it a bit manageable
(only applying SELinux to some predetermined things).  Though, that
approach, of course, leaves holes where you might be got at.  A little
security isn't much better than a lot of insecurity.

The feedback you're seeing from him, and some others, is that its
current implementation is awful.  It's got to be usable in more senses
than one.

-- 
(Currently running FC4, occasionally trying FC5.)

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.

