On Mon, 2006-04-03 at 02:00 -0700, Craig White wrote:
> I don't see that - I see people conceding defeat without trying. Again,
> I think the biggest obstacle is the use of language tokens that make it
> appear to be complicated where if it were natural language, far fewer
> people would be freaked out.
>
> In reality, it's not a server/desktop thing. It's only a matter of
> whether said user is willing to spend the time/energy necessary to
> understand at the very least, how to stop SELinux blocks from happening.
> It looks like rocket science, it's not rocket science.

While I agree that SELinux is not rocket science, I don't think that the above is fair to users. SELinux does need a lot of improvement in usability, and such work is in progress. We shouldn't criticize the messenger - we should learn from them in order to improve the usability of SELinux.

At the same time, we shouldn't sacrifice the foundation that we already have, which is the right mechanism for security; we should instead build upon it in order to provide something that is both secure and usable. The alternative is the mistake made by some others - conflating the user interface with the mechanism and crippling their security mechanism in order to make it "usable" rather than building easy-to-use tools and languages on top of a general purpose and complete security mechanism.

The need to improve usability of SELinux was discussed at the SELinux summit last month; the minutes are over at selinux-symposium.org for those who are interested. There are a number of tools in progress. There is also improving documentation over at the Fedora SELinux wiki.

But in the end, let's be clear - choosing to disable SELinux is a legitimate option for users, and if we are at fault for not making it easy enough to use, then let's make it easier to use rather than blame those who are disabling it. And even when it is easier to use, some may still choose to disable it - and that's ok.
-- 
Stephen Smalley
National Security Agency