OSNews

Likely not in the short term. When Fedora adopted SELinux in Fedora Core 2 it caused a lot of issues and ended up being disabled by default. Then a targeted policy was designed with just about a dozen programs for Fedora Core 3 and then enabled by default.

Over a period of 6 releases, a lot of policy development, additional tools development, performance etc has been done where it has slowly gotten into the stage where most of the thorny issues are resolved and it works seamlessly for quite a large number of users

Ubuntu (and any other distros) introducing SELinux even disabled by default currently is a good first step before getting rest of the programs working together with SELinux which is actually the bigger part of the integration work that needs to be done. They could probably benefit a lot from adopting policies and tools development done within Fedora and making adjustments where necessary. More distributions adopting this technology is good for improving the overall state of security in Linux since writing policies tends to expose potentially security issues and if you end up disabling SELinux for some programs or even entirely you still get a lot of the residue benefits from it.

James Morris, one of the Red Hat SELinux developer posted his thoughts on

http://james-morris.livejournal.com/27494.html

Edited 2008-03-19 23:54 UTC