[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Making SELinux standard for etch



Am Samstag 07 Oktober 2006 00:35 schrieb Manoj Srivastava:
>  We are at a point where we can support a targeted SELinux
>  policy, at least in permissive mode.  Everything seems to work for
>  me; I can fire up targeted SELinux UML's and only see a few harmless
>  log messages.

What do those look like? How many is "few"?

>         I brought this over on the debian-installer mailing list, and
>  suggested that we ship SELinux installed, but turned off by default;
>  and a README or a short shell script fr the local administrator to
>  enable SELinux.  Our support at this point is better in some respects
>  to any other distribution (selecting and installing modular policy
>  modules, for instance). All the core packages support SELinux (unlike
>  in, say, Ubuntu).

Well, most users have enough to find out what groups they must be in for fully 
working desktop (>= 8). How many will use _any_ SELinux feature? Those that 
know that they need it, know how to install it.

Maybe you can enlighten me what the average Debian user will gain from 
SELinux?

HS

Attachment: pgpuyz3arboNQ.pgp
Description: PGP signature


Reply to: