On October 30, 2012 16:14:10 Dmitry Makovey wrote:
Which really raises a question: should base policies (and modules) cover all aspects of "normal"/"legitimate" functionality of applications "out-of-the- box" or shall we expect it to cover only a subset? Is it SELinux's group role to suggest "insecure" practices that will not be covered by policies and probably should be discouraged irregardless of SELinux state (on or off)?
In my view ideally it should be transparent but in practice SELinux is also used to block "functionality" sometimes
A boolean for the above should be fine in my view
should I drop request in RH bugzilla?
For continuity, and FYI:
https://bugzilla.redhat.com/show_bug.cgi?id=872345