Re: 2.6 and SE Linux

To: Russell Coker <russell@coker.com.au>
Cc: Debian Devel <debian-devel@lists.debian.org>
Subject: Re: 2.6 and SE Linux
From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Fri, 19 Dec 2003 15:58:35 +1100
Message-id: <[🔎] 20031219045835.GA26383@gondor.apana.org.au>
In-reply-to: <[🔎] 200312190725.33759.russell@coker.com.au>
References: <[🔎] 200312190725.33759.russell@coker.com.au>

On Fri, Dec 19, 2003 at 07:25:33AM +1100, Russell Coker wrote:
> 
> I believe that Debian should do the same thing as Red Hat in terms of SE Linux 
> kernel support.  That is 2.6 kernels should be built with SE Linux support 
> and let the user decide whether to enable it.  If the 
> CONFIG_SECURITY_SELINUX_BOOTPARAM kernel option is enabled and you boot with 
> "selinux=0" (or if the Debian kernel source was modified to make selinux=0 
> the default and require selinux=1 to boot with SE Linux) then there is no 
> performance cost to SE Linux.
> 
> The only cost for including SE Linux in the default kernel is a small amount 
> of memory and a small amount of disk space for vmlinuz (both less than 50K 
> last time I checked).

I have no objections to this in principle.  However, I probably won't get
around to having a look at it until 2.6.1.
-- 
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Reply to:

References:
- 2.6 and SE Linux
  - From: Russell Coker <russell@coker.com.au>

Prev by Date: Re: Release-critical Bugreport for December 12, 2003
Next by Date: Re: [OT] Re: Changes in formal naming for NetBSD porting effort(s)
Previous by thread: 2.6 and SE Linux
Next by thread: Bug#224423: ITP: p3scan -- transparent POP3-proxy with virus- and spam-scannig
Index(es):
- Date
- Thread