[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Updated SELinux Release

On Saturday 06 November 2004 02:57, Luke Kenneth Casson Leighton 
<lkcl@lkcl.net> wrote:
>  debian doesn't GIVE users that choice [remember the adamantix
>  bun-fight, anyone?] and instead settles for about the lowest possible
>  common denominator - no consideration to modern security AT ALL!

Doing the things that Adamantix does takes some work.  The Adamantix people 
are doing their own distribution and are not contributing to Debian.  There 
are many Debian developers who want to see the same stuff included in Debian 
(including me), but no-one with the right combination of interest, time, and 

If someone is looking for things to work on then it would be a good place to 

>  maybe it's just me with my weird setup [very likely], but
>  running mozilla under KDE 3.3.0 with selinux
>  on a 256mb system P4 2.4Ghz) is a 10-11 second startup,
>  whereas if i set selinux=0 i've seen as fast as a THREE second
>  startup time.

That sounds bizarre.  What does "enforcing=0" give?  What if you kill klogd 
before starting it?

>  i've put KDE_IS_PRELINKED=1, KDE_FORK_SLAVES=1 into the
>  /usr/bin/startkde

/usr/bin/startkde in Debian sources *.sh from directories 
~/.kde/env, /usr/local/env, and /usr/env.  I think that
"kde-config --path exe" is not giving the most desirable results in this 
regard, and maybe we should have some other way of determining the path.

Something like /etc/kde/env would be a good directory for such things.  Then 
one of the SE Linux packages could drop a little script in that exports those 

Luke, could you please file appropriate bug reports about this

http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to: