In article <firstname.lastname@example.org> you wrote:
> For systems on insecure or restricted/classified networks, it's
> wonderful. For 98% of us, it's too much complexity for not enough
> benefit over:
> carefully chosen apps
> turned-off unused daemons
> a good h/w firewall
> strong iptables rules.
Biba Low-Watermark is here pretty interesting, since it requires a bit less
setup. Linux supports that with Lomac.
Looks like IBM is researching on some SELinux based hybrid models which they
call SLIM (with TPM hardware support):
However looks like lomac is kind of postponed, since nobody is funding LSM
work. However it is part of FreeBSD current.
- Re: SELinux
- From: Ron Johnson <email@example.com>