[CentOS] SELinux - way of the future or good idea but !!!
Christopher Chan
christopher.chan at bradbury.edu.hk
Thu Dec 9 00:22:04 UTC 2010
On Thursday, December 09, 2010 06:55 AM, Lamar Owen wrote:
> On Wednesday, December 08, 2010 05:11:23 pm Warren Young wrote:
>> Let's not drag the desktop user into this discussion, too.
>
> Why not? Are there no CentOS desktop users out there? Are the needs of the desktop just to be ignored? I support desktop Linux users who are not power users; works great for them. They're thrilled to not have viruses.
+1
I possibly would have had Centos desktops strewn all over the school if
it had met certain needs in a trial two years ago.
>
>> Long experience has shown that when Joe User tries to do Thing X and is
>> prevented, then a popup appears that in effect says "run this command to
>> make this popup go away and allow Thing X to happen", THEY WILL RUN THE
>> COMMAND. It's so reliable an effect that you could make a killing if
>> any bookie were stupid enough to let you bet on it.
>
> Exactly. That is precisely why you want controls to restrict what some random program can do, and thus remove the danger. In my three teenage childrens' vernacular, 'Well, duh!'
>
>> Please, let's keep this thread centered on professionally-managed
>> servers, the focus of CentOS, and thus hopefully this list.
>
> Who says that's the focus? While I'm sure the majority of CentOS installs are for servers, the CentOS desktop does exist. I know I have plenty of CentOS servers; I also have Linux desktops of more than one distribution scattered all over.
It is kind of true that the desktop is a bit neglected by Redhat in
comparison to what it does for the server. But whatever. SELinux for the
desktop is the same kind of challenge as it is for third-party applications.
More information about the CentOS
mailing list