Le dimanche 12 février 2017 18:43:22 CET Tobias Markus a écrit :
I would be glad if Arch Linux's official kernel could support SELinux again this way! https://lists.archlinux.org/pipermail/arch-general/2014-March/035679.html
Thank you for the link you posted. I went through most of the discussion. This quote is what strikes me most : https://lists.archlinux.org/pipermail/arch-general/2014-March/035658.html
That they are disabled at runtime does not mean that they have no impact at runtime. At best, it's "only" a performance impact and at worst, it even causes problems.
Everything has already been discussed. The global conclusions seem to be : Most users don't need SELinux/AppArmor or anything that protects them from themselves; Implementing these features in the kernel may lead to more trouble than ease; Arch kernel's devs and other devs are not ready for the tremendous tasks following such a decision; These features can be compiled in personal kernels if required; Arch devs do that on a voluntary basis and can't respond to all requests. For me, I'm happy with Arch as it is, I'm happy the previous discussion led to the 'no need' conclusion, and I just want to voice I wish it goes on this way. Regards.