[refpolicy] authbind policy should be removed

Russell Coker russell at coker.com.au
Tue Jan 14 05:52:36 EST 2014


On Tue, 14 Jan 2014, Dominick Grift <dominick.grift at gmail.com> wrote:
> You do not have to install that module. If you don't want it then just
> remove it from your modules.conf, or do semodule -r authbind if its
> already installed.

What is the point in having dead code in the repository?

Code that is in the repository may be copied by other people, code that starts 
with the letter 'a' is more likely to be copied.  We don't want bad code 
copied to make more bad code.

The existence of the policy files will lead people to believe that it will 
work, it won't.  It will also lead people to believe that it's a good idea, on 
a SE Linux system it really isn't.

In retrospect I probably shouldn't have even written that policy module.  At 
the time we converted to modular policy whoever wasted time on converting it 
shouldn't have done so.  It's about 10 years overdue for that module to be 
removed.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/


More information about the refpolicy mailing list