Security enthusiasts wanted: from beginners up to SELinux experts to make up the SELinux "Confined Users (SIG)" to foster Fedora's security capabilities

We now have a tag for our SIG. On one hand, the dedicated confined-users tag for SIG discussions, and also a wider security-sig tag that is shared among security-related SIGs and may facilitate collaboration / exchange.

Another tag for ask.fedora is to come next. I will let you know here once it exists.

Since we now have a tag for SIG discussions, I suggest to open a new topic with our tag if anything is to be discussed about this SIG. Then, this big old one is finally allowed to fall asleep :slight_smile:


I just added the ask.fedora tag: selinux-confined-users (it seems I have again the capability to do that :sunglasses: ).

Since the one feedback loop we already have is so far focused on SELinux policies, I made a specific tag. When we work on summarizing/analyzing data for the SELinux team upstream, I think it makes sense to be able to delimit related topics. I am not sure if, e.g., “sudo” and “SELinux” should be mixed in topics when only one applies (this is also for the comprehensibility for other supporters in ask.Fedora). Also, the generic “confined-users” tag is blocked in ask.Fedora due to its use in project discussion.

However, we can add further tags if we want: if we aim to develop a feedback loop for sudo or so, we might create later a #sudo-confined-users tag or so. This helps ourselves as well when we want to consolidate data of one confinement type without getting distracted by other types.

I have adjusted the Wiki correspondingly: Feel free to review and adjust it (I tried to not focus it on SELinux but also keep making aware of the other confinement possibilities). I also mentioned that users can add in ask.Fedora additionally to the related tag (such as sudo or so) the selinux-confined-users tag for now as second tag if they have a question with any regards to confinement, even if it is not SELinux-specific confinement. This way we avoid both to flood with many new tags but also avoid to confuse the ask.Fedora supporters.

A slight point to the end: everyone shall feel encouraged to subscribe to the selinux-confined-users tag to get informed when someone opens a topic. I have done already :slight_smile: Of course it is the same for the Project Discussion tag confined-users .

1 Like

You can, but if it isn’t attached to any topics, it will get auto-deleted eventually. So, it might be useful to “seed” it with some basic question (and presumably, answer).

I’ll go ahead and close this one so it doesn’t end up lumbering on as a sleep-walker.

As a reminder to anyone who wants to continue discussion from any post in the long thread above: