Re: A great article on why to use SeLinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



max wrote:
Konstantin Svist wrote:
Bruno Wolff III wrote:
On Fri, Feb 29, 2008 at 21:49:18 -0800,
  Konstantin Svist <fry.kun@xxxxxxxxx> wrote:
But then what am I, as the end-user, supposed to do? Supposedly, if the app isn't fixed right away, I should allow the activity by creating a rule -- but there doesn't seem to be an easy way of doing that. In essence, as the article says, selinux is well-suited for servers, not for desktops. Though I doubt how well it's suited for servers, since you still need to be able to do some voodoo ritual to get the server stuff working. If it's not common knowledge or completely automated, it's pretty much useless.

Yes there are tools to allow new rules to be added. There is at least
a command line tool to do this; I am not sure about a GUI tool.

It is suited for desktops as well. It has been getting some nice features
in that regard lately. Go take a look at Dan Walsh's live journal page
if you are interested in reading about these.


Yeah, but if I don't understand how any of it works, it's just as useful to me as the car keys are to a monkey. I've tried reading SELinux for Dummies (http://fedoraproject.org/wiki/SELinux/Understanding) but I still don't really get it. The worst part is, I had to concentrate to understand what the page is telling me - and I'm a CS major :P The average Joe won't even go this far - in other words, he won't understand how to work with it - meaning it's NOT suited for desktops.


The average Joe wouldn't even notice that its running.

Max

Not until it put the hose to her.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux