On 01/22/2011 05:53 PM, peter_someone wrote: > Am 2011-01-22 22:20, schrieb Marko Vojinovic: >> On Saturday 22 January 2011 15:03:46 Parshwa Murdia wrote: >>> After I install F14 (KDE), how should I disable SeLinux? Because more >>> of the time it gives alerts and it is highly technical in nature to >>> understand the SeLinux (for a normal person, not from computers). >> No you should not disable it. It is there to protect your system, and if you >> are not a technical person, leave it as it is and don't mess with it. >> >> Also, if you are using your computer just for ordinary desktop stuff, you >> should never see any alerts. >> >> You might provoke alerts if you are setting up servers or custom 3rd party >> software or messing around the filesystem with root privileges. However, in all >> those circumstances you are expected to be a non-beginner, to know what you >> are doing, and to be able to resolve any SELinux alerts as they come (or ask >> someone for help). Otherwise SELinux should Just Work (tm), and you should not >> see any issues with it. >> >> HTH, :-) >> Marko >> > I do wonder though - lots of distros don't use SELinux. Do they (say, > Debian) use something else instead? Meaning: can I assume that if I > disable SELinux and install I don't gufw or somethign equally simple > that Fedora will be less secure than before but still just as safe as > the next distro? > > greetings, > peter I wouldn't. If you are getting alerts, try the SELinux management tool. Better to allow those things that you are sure are safe for you to do, than to disable SELinux entirely. When Fedora first offered SELinux, its management was clunky. Today it is seamless, or nearly so. Actually, you should address your questions to the Fedora SELinux list. They take questions of this kind all the time. They'll ask you to specify what, exactly, you were doing, and the nature of the alert. Then they'll tell you how to work around it. (Though quite often they'll ask you why you are using some apparently misbehaved software.) Understand this: security is all about whom do you trust, and what with, and how far. Understand this also: the developers of That Other OS seem to know nothing about security, and that's why their OS is so vulnerable that one hears of at least one breach a month. Take control of your system. A lot of folks here are ready to help you out. And Fedora's developers want to know the kinds of issues you're running into. If they didn't, then SELinux might have been abandoned long ago--but it has survived no less than twelve iterations. But they won't know unless you tell them--and "how do I disable such-a-thing" is not telling them; that's avoiding the issue. In this community, we face issues squarely, so that we have lasting solutions. Temlakos -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
