Re: Updated SELinux Release
On Thu, Nov 04, 2004 at 01:02:35AM -0600, Manoj Srivastava wrote:
> On Wed, 03 Nov 2004 21:15:38 -0500, Colin Walters <walters@verbum.org> said:
>
> > On Wed, 2004-11-03 at 19:21 +0000, Dhruv Gami wrote:
> >> Personally, i would prefer to have those two tarballs available. I
> >> know most people using SELinux are familiar with patching the
> >> kernel, and are generally familiar with how Linux works and know
> >> their way around on a Linux system.
>
> > But moving forward, we don't want people to have to patch their
> > kernel or utilities.
>
> Moving waaay forward. I asked the Debian kernel team to
> consider compiling in SELinux (perhaps disabled by default, for
> starters), and was told that that is not going to fly because of
> "significant performance hit" one takes by compiling SELinux in. I
> did not have any data to refute the claim, so that is where we sit.
i had a bun-fight with the people who have taken over from herbert:
at the point where i told them that recompiling applications to be
optimised like yoper and gentoo distributions gives back performance
far in excess of that lost by selinux, i stopped hearing back from
them.
> While a laudable long term goal, the reality is that most
> distributions do not ship these utilities today, and in the case of
> Debian, progress, while it is happening, is slow enough that
> pragmatism requires we consider the reality that SELinux shall _not_
> be the default in the near term.
default: no.
available as an additional package: why not?
heck, personally i wouldn't even care if it was i386 or 686 only.
l.
--
--
you don't have to BE MAD | this space | my brother wanted to join mensa,
to work, but IT HELPS | for rent | for an ego trip - and get kicked
you feel better! I AM | can pay cash | out for a even bigger one.
--
Reply to: