Re: 2.6 and SE Linux

On Fri, Dec 19, 2003 at 07:25:33AM +1100, Russell Coker wrote:
> I believe that Debian should do the same thing as Red Hat in terms of SE Linux 
> kernel support.  That is 2.6 kernels should be built with SE Linux support 
> and let the user decide whether to enable it.  If the 
> CONFIG_SECURITY_SELINUX_BOOTPARAM kernel option is enabled and you boot with 
> "selinux=0" (or if the Debian kernel source was modified to make selinux=0 
> the default and require selinux=1 to boot with SE Linux) then there is no 
> performance cost to SE Linux.
> The only cost for including SE Linux in the default kernel is a small amount 
> of memory and a small amount of disk space for vmlinuz (both less than 50K 
> last time I checked).

I have no objections to this in principle.  However, I probably won't get
around to having a look at it until 2.6.1.
