Re: http://www.golden-gryphon.com/software/security/selinux.xhtml
- To: antoine <antoine@nagafix.co.uk>
- Cc: SE-Linux <selinux@tycho.nsa.gov>, debian-devel@lists.debian.org, Blaisorblade <blaisorblade@yahoo.it>, Jeff Dike <jdike@addtoit.com>
- Subject: Re: http://www.golden-gryphon.com/software/security/selinux.xhtml
- From: Manoj Srivastava <srivasta@debian.org (va, manoj)>
- Date: Thu, 09 Jun 2005 23:33:59 -0500
- Message-id: <[🔎] 871x7a96fc.fsf@glaurung.internal.golden-gryphon.com>
- Mail-followup-to: antoine <antoine@nagafix.co.uk>, SE-Linux <selinux@tycho.nsa.gov>, debian-devel@lists.debian.org, Blaisorblade <blaisorblade@yahoo.it>, Jeff Dike <jdike@addtoit.com>
- In-reply-to: <[🔎] 20050609232031.GU8525@lkcl.net> (Luke Kenneth Casson Leighton's message of "Fri, 10 Jun 2005 00:20:31 +0100")
- References: <[🔎] 20050609192026.GM8525@lkcl.net> <[🔎] 1118356920.10190.175.camel@localhost> <[🔎] 20050609232031.GU8525@lkcl.net>
On Fri, 10 Jun 2005 00:20:31 +0100, Luke Kenneth Casson Leighton <lkcl@lkcl.net> said:
> On Thu, Jun 09, 2005 at 11:42:00PM +0100, antoine wrote:
>> On Thu, 2005-06-09 at 20:20 +0100, Luke Kenneth Casson Leighton wrote:
>> > manoj, hi,
>> >
>> > i am delighted to see the above web page re: selinux.
>> Err?
> never seen it before :)
>> >
>> > i notice you mention that there is an effort underway to make a
>> > uml-selinux.
>> >
>> > perhaps i should mention that it is utterly trivial to set up a
>> > xen system with a guest domain running pretty much any kind of
>> > kernel - including selinux enabled ones.
>> We have been running selinux guest kernels in uml for years, that
>> was
> _great_.
> hm - the above page gives the impression that it hasn't been:
> "There also has been an interest in creating an
> ^^^^^^^^
> SELinux UML, since it allows for rapid testing of policies,
> and packages, and to observe the reaction of the machine to
> threats and other stimuli. However, it has been tedious,
> traditionally, to create a UML that can be run in enforcing
> mode. A recipe for doing so has been created..."
------------------^^^^^^
Recipe \Rec"i*pe\ (r[e^]s"[i^]*p[-e]), n.; pl. {Recipes}
(r[e^]s"[i^]*p[=e]z). [L., imperative of recipere to take
back, take in, receive. See {Receive}.]
4. a method or procedure for accomplishing a goal by defined
steps; -- implying a high probability of achieving the
goal; as, a recipe for success. Also used in a negative
sense, as, a recipe for disaster.
>> not the issue here,
>> or are you just doing xen advocacy?
> i was under the impression, from the above, that somehow debian
> cannot run selinux/uml.
If it were not possible to do so, a recipe could also not have
been created.
> hm. sorry about that - the above URL gives an impression other
> than that.
Onnly if you
a) do not understand the meaning of the word recipe, and
b) do not follow the link down to
http://www.golden-gryphon.com/software/security/selinux-uml.xhtml
manoj
--
Calling you stupid is an insult to stupid people! Wanda, "A Fish
Called Wanda"
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Reply to: