Manoj Srivastava wrote:
I think it means that Debian gets to be leader regarding the things it cares about. I doubt that the other distributions participating would object to having NSA Secure Linux compatibility dropped in their lap.Hmm. Does this not impede Debian in new directions we may like to take the distribution, like, say, making Debian be Se-Linux compatible, if we so choose?
It would be an interesting discussion. I don't see any reason that Debian needs to be steam-rollered, though.What happens if the situation is reversed? (LCC decides to go with RSBAC while we do not).
At the bottom of these two competing security implementations are two currently-incompatible APIs through which they connect to the kernel. It's not clear to me that REG and GFAC patches must be incompatible with LSM. It also seems that REG and GFAC abstract more facilities while LSM provides raw (and changing) access to those facilities. It would be nice if they would come to a merge.
Nobody is saying that you can't override the external stuff when necessary. Security would be a good reason to do so, if LCC is being tardy compared to Debian.Would outsourcing the core packages to third parties not make us less nimble (if I can use the word with a straight face)?
Thanks Bruce
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature