> > If you use a web browser to view more than a short list of trusted sites, > > you need selinux. > > > > If you run network services accessible from outside the machine then you > > need selinux. > > > > If you run binaries from semitrusted groups (this includes most commercial > > software) then you need selinux. > > You don't _need_ SELinux in any such cases.
I wouldn't dare run some of the web plugins without them being very very constrained by a security tool. I'm not sure I trust some of the image libraries either although the google audit work seems to be slowly improving it. Unfortunately application library security has taken a nasty turn for the worse because any library exploit in a library also used on the iphone is now being sat on by jailbreakers rather than reported. Alan -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
