On 07/13/2010 05:11 PM, Christopher Brown wrote:
> [...]
> Whilst I appreciate your huge efforts to provide users with a more
> secure system, you need to realise that SELinux as it stands at the
> moment is utterly broken. As you clearly don't think this is the case,
> please spend some time in userland before beating on developers for
> not caring about this.
>
> If we can't even build (and QA!) a system that ships without SELinux
> warnings, there is clearly a problem. Adding SELinux checks to Fedora
> development slows things down even further. You really need to work
> with the AutoQA people to get this automated. Developers simply
> shouldn't have to worry about this.
>
> I understand wanting SELinux checks for *EL but for Fedora? Seriously?
>
> Wow, just wow.
I am sorry, Christopher but I have to partially disagree with you. There
is absolutely no reason to make Fedora any less secure than *EL. Or any
less secure that it can be. Yes, selinux can be cumbersome at times.
Yes, it can be improved. But that cannot be done without proper feedback.
And yes, AutoQA doing selinux checks is a good idea.
Manuel
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
