Re: SELinux

To: debian-devel@lists.debian.org
Subject: Re: SELinux
From: Bernd Eckenfels <ecki@lina.inka.de>
Date: Thu, 22 Sep 2005 00:28:18 +0200
Message-id: <[🔎] E1EID4c-0003VF-00@calista.inka.de>
In-reply-to: <[🔎] 1127338602.17467.33.camel@haggis.homelan>

In article <[🔎] 1127338602.17467.33.camel@haggis.homelan> you wrote:
> For systems on insecure or restricted/classified networks, it's
> wonderful.  For 98% of us, it's too much complexity for not enough
> benefit over:
>        carefully chosen apps
>        turned-off unused daemons
>        a good h/w firewall
>        strong iptables rules.

Biba Low-Watermark is here pretty interesting, since it requires a bit less
setup. Linux supports that with Lomac. 

Looks like IBM is researching on some SELinux based hybrid models which they
call SLIM (with TPM hardware support):
http://www.acsac.org/2004/workshop/David-Safford.pdf

However looks like lomac is kind of postponed, since nobody is funding LSM
work. However it is part of FreeBSD current.
http://opensource.sparta.com/lomac/

Gruss
Bernd

Reply to:

References:
- Re: SELinux
  - From: Ron Johnson <ronnyjunior@comcast.net>

Prev by Date: ITP: ree -- Extract ROM extensions
Next by Date: Bug#329462: general: standard value $LANG="de_DE@euro" -> very tiny GTK1 font
Previous by thread: Re: SELinux
Next by thread: Re: SELinux
Index(es):
- Date
- Thread