On Mon, Aug 7, 2017 at 8:28 AM, Ritesh Raj Sarraf <r...@debian.org> wrote: > On most systems, people tend to disable LSM first. Because many a times > an inadequate policy hinders the use of the tool. And on the desktop > machine this becomes more common an issue.
While there are plenty of people who recommend disabling SELinux by default on Fedora/RHEL (at least in the past), it's far, far less common to hear about anyone recommending disabling AppArmor. And that's one reason AppArmor is being proposed here and not SELinux. Thanks, Jeremy Bicha
