Re: [developers-l] Re: [debian-devel] Re: security enhanced debian branch?
On Sat, 20 Dec 2003 07:52, "Milan P. Stanic" <mps@rns-nis.co.yu> wrote:
> On Fri, Dec 19, 2003 at 01:03:17PM +0100, Peter Busser wrote:
> > Why is LSM good enough for SELinux and not for RSBAC? Because SELinux was
> > changed to fit LSM. One example, network access control was removed from
> > SELinux because there are no network access control hooks provided by
> > LSM.
>
> I thought (reading SELinux news) at [1] that the network acl are there:
> ---------------------------------------------------------------------
> Reimplemented network interface and node controls (2.6 only).
There are controls over what local processes may do with networking. But the
previous code for labeled networking has not been re-instated. Some new
functionality that was not in SE Linux before has been added, but some of the
previous functionality is still missing.
Work continues in this area.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: