Am 2011-01-23 02:16, schrieb Marko Vojinovic: > On Saturday 22 January 2011 22:53:26 peter_someone wrote: >> Am 2011-01-22 22:20, schrieb Marko Vojinovic: >>> On Saturday 22 January 2011 15:03:46 Parshwa Murdia wrote: >>>> After I install F14 (KDE), how should I disable SeLinux? Because more >>>> of the time it gives alerts and it is highly technical in nature to >>>> understand the SeLinux (for a normal person, not from computers). >>> No you should not disable it. It is there to protect your system, and if >>> you are not a technical person, leave it as it is and don't mess with >>> it. >> I do wonder though - lots of distros don't use SELinux. Do they (say, >> Debian) use something else instead? Meaning: can I assume that if I >> disable SELinux and install I don't gufw or somethign equally simple >> that Fedora will be less secure than before but still just as safe as >> the next distro? > Sorry, I didn't understand, what do you mean by "I don't gufw"? > > As for other distros, they are just reluctant to enable SELinux by default, I > guess because they still don't have a well developed policy to use for > enforced mode. Fedora has been actively developing the policy since FC2, ie. > over 6 years now. I don't know if the policy can be easily shared across > different distros. > > The alternative software is/was AppArmor, developed mainly by SuSE people > (AFAIK), but recently Novell decided to "reduce" the number of people working > on it (down to a one-man team, IIRC), and the former team leader went to work > for Microsoft (!!!). You can read about it on the blog news, google them up. > > SuSE is now also offering a kernel with SELinux built in but disabled by > default. Users who wish to try it out can enable it and create their own > policy. > > Also, AFAIK, Ubuntu has been offering SELinux support for some time now, > although it is also disabled by default. > > RHEL, and clones like CentOS and ScientificLinux have SELinux enabled and > running by default, using the policy derived from Fedora. > > I wouldn't know about other distros. > > In general, it seems that SELinux is slowly getting adopted by many, if not > all distros. And yes, I would say that distros which don't have SELinux in > enforcing mode by default are indeed less secure than Fedora. So to answer > your question, if you disable SELinux in Fedora, it will be as secure as any > distro that doesn't use SELinux, which is *less* secure than with SELinux > active. > > HTH, :-) > Marko > Thanks man - THAT'S what I wanted to know :) -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
