From: guido@trentalancia.com (Guido Trentalancia)
Date: Fri, 18 Mar 2011 18:14:08 +0100
Subject: [refpolicy] dual mailing list (was Question: and the policy
	grows...)
In-Reply-To: <4D8361F7.8060007@tresys.com>
References: <1300369855.30425.14.camel@tesla.lan>
	<4D8219D9.7080504@redhat.com> <1300377867.30425.40.camel@tesla.lan>
	<4D823A60.9020107@redhat.com> <1300390804.31755.6.camel@tesla.lan>
	<4D8361F7.8060007@tresys.com>
Message-ID: <1300468448.14419.9.camel@tesla.lan>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Hello again Christopher !

On Fri, 18/03/2011 at 09.45 -0400, Christopher J. PeBenito wrote:
> On 03/17/11 15:40, Guido Trentalancia wrote:
> > On Thu, 17/03/2011 at 12.44 -0400, Daniel J Walsh wrote:
> >> On 03/17/2011 12:04 PM, Guido Trentalancia wrote:
> >>> On Thu, 17/03/2011 at 10.25 -0400, Daniel J Walsh wrote:
> 
> >> I think getting people to go in and examine the policy and ask
> >> questions, why do we have these rules would be helpful.  Maybe we setup
> >> test days, or something to remove bogus policy.
> > 
> > There is at least the limit of not having many people on this list
> > compared to most other Linux projects. Perhaps security is considered
> > something boring to the average user/developer. Or even more likely
> > SELinux is still perceived as "difficult to get into" (a documentation
> > issue).
> 
> I think theres two things.
> 
> 1. People don't actually care about security, especially if it
> complicates/hinders what they're trying to do.  Most people seek
> security measures as a reaction to a security breach.
> 2. Of the people that have some interest, SELinux is typically seen as
> too difficult.  We've been working on improving this for years.

I have an idea.

Things will probably improve considerably if you manage to set up two
separate mailing lists: one for the end-users and one for the
developers. This mailing list will coincide with the latter.

This is common practice in open source software. The cost is minimal
(reconfiguration of an existing mailing list server and update of a few
existing web pages and documents).

Most of the time users are facing common issues and could help each
other. Archived message would make a knowledge base. Developers could
voluntarily spare some time on the end-user mailing list and at the same
time could benefit from important feedback that is not an explicit bug
report.

Of course the same could be done for SELinux with similar benefits and
cost.

Regards,

Guido