Vitaly Zaitsev via devel writes:
On 05/09/2021 09:19, Peter Boy wrote:
> Much to my chagrin, you describe the biggest problem in Fedora for years and
> the one why Fedora is falling further and further behind among
> distributions. The problem overshadows all that many positive features that
> otherwise distinguish Fedora.
SELinux has saved Fedora users from many critical vulnerabilities (eg.
telnetd RCE CVE last year). This is a last line of defense.
Great. If only SELinux wasn't such a siloed domain; if only a great,
overwhelming majority of Fedora package maintainers were able to write
policies for their own packages and maintain it themselves because SELinux
documentation was ample and easy to fllow; then these constant AVC failures
would likely be a thing of the past.