Am 2011-01-23 00:12, schrieb Temlakos: > On 01/22/2011 05:53 PM, peter_someone wrote: >> Am 2011-01-22 22:20, schrieb Marko Vojinovic: >>> On Saturday 22 January 2011 15:03:46 Parshwa Murdia wrote: >>>> After I install F14 (KDE), how should I disable SeLinux? Because more >>>> of the time it gives alerts and it is highly technical in nature to >>>> understand the SeLinux (for a normal person, not from computers). >>> No you should not disable it. It is there to protect your system, and if you >>> are not a technical person, leave it as it is and don't mess with it. >>> >>> Also, if you are using your computer just for ordinary desktop stuff, you >>> should never see any alerts. >>> >>> You might provoke alerts if you are setting up servers or custom 3rd party >>> software or messing around the filesystem with root privileges. However, in all >>> those circumstances you are expected to be a non-beginner, to know what you >>> are doing, and to be able to resolve any SELinux alerts as they come (or ask >>> someone for help). Otherwise SELinux should Just Work (tm), and you should not >>> see any issues with it. >>> >>> HTH, :-) >>> Marko >>> >> I do wonder though - lots of distros don't use SELinux. Do they (say, >> Debian) use something else instead? Meaning: can I assume that if I >> disable SELinux and install I don't gufw or somethign equally simple >> that Fedora will be less secure than before but still just as safe as >> the next distro? >> >> greetings, >> peter > I wouldn't. > > If you are getting alerts, try the SELinux management tool. Better to > allow those things that you are sure are safe for you to do, than to > disable SELinux entirely. > > When Fedora first offered SELinux, its management was clunky. Today it > is seamless, or nearly so. > > Actually, you should address your questions to the Fedora SELinux list. > They take questions of this kind all the time. They'll ask you to > specify what, exactly, you were doing, and the nature of the alert. Then > they'll tell you how to work around it. (Though quite often they'll ask > you why you are using some apparently misbehaved software.) > > Understand this: security is all about whom do you trust, and what with, > and how far. > > Understand this also: the developers of That Other OS seem to know > nothing about security, and that's why their OS is so vulnerable that > one hears of at least one breach a month. > > Take control of your system. A lot of folks here are ready to help you > out. And Fedora's developers want to know the kinds of issues you're > running into. If they didn't, then SELinux might have been abandoned > long ago--but it has survived no less than twelve iterations. But they > won't know unless you tell them--and "how do I disable such-a-thing" is > not telling them; that's avoiding the issue. In this community, we face > issues squarely, so that we have lasting solutions. > > Temlakos Personally, I have no interest in disabling it anyway - i don't get alerts and have no problem otherwise. It was just a purely hypothetical question because I wonder how if SELinux is so essential most of the biggest linux-distros seem to completely neglect that fact..... Peter -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
