On 05/18/2011 09:58 PM, "Jóhann B. Guðmundsson" wrote:
> On 05/18/2011 03:57 PM, Adam Williamson wrote:
>> Feedback please! Thanks:)
> Given that we ship selinux on by default should this proposal only be 
> applicable to exploits/vulnerability that selinux cant catch and prevent 
> which leaves us with <insert type of exploits here )?

No.  SELInux (or firewall) is not a first line of defense.  These get
turned off by some users and we need to be sure we aren't relying on
them solely.  If there are important security issues, they should be
fixed before release regardless of whether SELinux would mitigate them
or not

Rahul
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel

Reply via email to