[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Making SELinux standard for etch

* Manoj Srivastava <srivasta@debian.org> [2006-10-07 00:42]:


>         As per policy, I am raising a balloon about ths issue; I think
>  if we ship vacation, finger, and sharutils, we can also ship
>  mandatory acess controls in the standard distribution :)
>         As shipped, the Debian kernel images have SELinux compiled in,
>  but disabled, a command line parameter is required to turn SELinux
>  on. When SELinux is turned on (by enabling it in grub), the default
>  policy setting are that the machine would come on in permissive mode,
>  using the targeted policy; so the worst case scenario is that the
>  there would be lots of log messages if someone "accidentally" turned
>  on SELinux.
>         I think we are ready.  And shipping SELinux by default would
>  be a positive thing, in these days of accelerating attacks :)

I fully support that idea.

yours Martin
<maxx@debian.org> ---- Debian GNU/Linux - The Universal Operation System
Microsoft also has unstable releaseses, they just don't have the other 
		-- Peter De Schrijver at Linuxtag 2004

Attachment: signature.asc
Description: Digital signature

Reply to: