On 12/31/11 12:04 , Holger Levsen wrote:
On Freitag, 30. Dezember 2011, Russell Coker wrote:
I can't imagine what the benefit would be in using "official" packages that
I created and uploaded to Debian over using "unofficial" packages that I
created and couldn't get in a Squeeze update
Frankly, your lack of imagination is pretty sad. The difference is that people
cannot use squeeze properly without relying on some external repository.
Easy now... SELinux worked fine even in Lenny in targeted mode (except
DHCP, but that was my own fault starting such changes before fully
understanding them or reading the full docs). Unfortunately, running
Debian with SELinux seems to be a niche among Debian developers,
especially on the desktop, which most presumably develop and test their
packages. As such, most packages are completely untested with SELinux or
lack any sort of policy, unless Russell develops one (I think the
responsability for developing a policy would better lie with each
package maintainer - a single person cannot cover 16000+ packages in
Debian), or if you have the time to fix your system writing your own
policies. For a server, most things are probably covered; for a desktop,
much less.
If you need mature, well-debugged SELinux support covering pretty much
everything, and you can live with having 5-6 "unofficial" repositories
that are sometimes causing conflicts, and, even so, significantly less
software than Debian has, and you don't need to upgrade "in-place"
between releasea a la apt-get, a distro from the RHEL family might be a
better choice. They even constrain what Totem, Firefox or Evolution may do.
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4efefad7.5010...@googlemail.com
