Re: recommends for apparmor in newest linux-image-4.13

To: Laurent Bigonville <bigon@debian.org>
Cc: debian-devel@lists.debian.org
Subject: Re: recommends for apparmor in newest linux-image-4.13
From: Theodore Ts'o <tytso@mit.edu>
Date: Sun, 10 Dec 2017 16:21:18 -0500
Message-id: <[🔎] 20171210212118.m6winsqbofbzny3q@thunk.org>
In-reply-to: <[🔎] 8023f0ef-c4ad-4b65-7e9a-31b70ec7d8e1@debian.org>
References: <[🔎] 20171203224035.tyde4xxmbqofh7ms@thunk.org> <[🔎] 8023f0ef-c4ad-4b65-7e9a-31b70ec7d8e1@debian.org>

On Wed, Dec 06, 2017 at 11:24:45AM +0100, Laurent Bigonville wrote:
> The SELinux policy could be altered to either run everything that we know is
> not ready to be confined in an unconfined domain or put that domain in
> permissive (which would result in a lot of denials being logged), so it's
> possible to behave more or less the same way as AppArmor depending of how
> the policy is designed.

It "could" be altered the same way that anyone "could" modify a
sendmail.cf file.  Someone "could" create a program which plays the
game of Go written raw assembly language.

If it "could" be done, why hasn't been done in the past decade?

      	      	       	   	       	    - Ted

Reply to:

Follow-Ups:
- Re: recommends for apparmor in newest linux-image-4.13
  - From: Laurent Bigonville <bigon@debian.org>
- Re: recommends for apparmor in newest linux-image-4.13
  - From: Wouter Verhelst <wouter@debian.org>

References:
- Re: recommends for apparmor in newest linux-image-4.13
  - From: Theodore Ts'o <tytso@mit.edu>
- Re: Re: recommends for apparmor in newest linux-image-4.13
  - From: Laurent Bigonville <bigon@debian.org>

Prev by Date: Re: Has Copyright summarizing outlived its usefulness?
Next by Date: Re: Has Copyright summarizing outlived its usefulness?
Previous by thread: Re: recommends for apparmor in newest linux-image-4.13
Next by thread: Re: recommends for apparmor in newest linux-image-4.13
Index(es):
- Date
- Thread