[CentOS] SELinux - way of the future or good idea but !!!

Wed Dec 8 22:55:59 UTC 2010
Lamar Owen <lowen at pari.edu>

On Wednesday, December 08, 2010 05:11:23 pm Warren Young wrote:
> Let's not drag the desktop user into this discussion, too.

Why not?  Are there no CentOS desktop users out there?  Are the needs of the desktop just to be ignored?  I support desktop Linux users who are not power users; works great for them.  They're thrilled to not have viruses.

> Long experience has shown that when Joe User tries to do Thing X and is 
> prevented, then a popup appears that in effect says "run this command to 
> make this popup go away and allow Thing X to happen", THEY WILL RUN THE 
> COMMAND.  It's so reliable an effect that you could make a killing if 
> any bookie were stupid enough to let you bet on it.

Exactly.  That is precisely why you want controls to restrict what some random program can do, and thus remove the danger. In my three teenage childrens' vernacular, 'Well, duh!'

> Please, let's keep this thread centered on professionally-managed 
> servers, the focus of CentOS, and thus hopefully this list.  

Who says that's the focus?  While I'm sure the majority of CentOS installs are for servers, the CentOS desktop does exist.  I know I have plenty of CentOS servers; I also have Linux desktops of more than one distribution scattered all over.