On Fri, 28 Dec 2007 23:32:09 +0900, Tetsuo Handa said: > You can run your system with only policy collected by learning mode. > Thus, you basically don't need manual intervention. > But since there are randomly named files (i.e. temporary files), > you pay a little time to modify policy. > > The learning mode is to save time for permitting commonly accessed resources. > Administrator reviews policy collected by learning mode. Thus the readability > of policy is important so that administrator can understand what he/she is > going to allow or reject. Please make a *big* notation someplace that "learning mode" is quite likely to *not* produce a totally correct policy. In particular, it won't build rules for infrequently used code paths (such as error handling) unless you find a way to exercise those paths while in learning mode. Particularly fun - when learning mode doesn't create an entry for the logfile for I/O errors. Then when one actually happens, you have no idea what it was...
Attachment:
pgpnNPZIF6q41.pgp
Description: PGP signature
- Follow-Ups:
- Re: TOMOYO Linux Security Goal
- From: Tetsuo Handa <[email protected]>
- Re: TOMOYO Linux Security Goal
- From: Pavel Machek <[email protected]>
- Re: TOMOYO Linux Security Goal
- References:
- TOMOYO Linux Security Goal
- From: Tetsuo Handa <[email protected]>
- Re: TOMOYO Linux Security Goal
- From: "Serge E. Hallyn" <[email protected]>
- Re: TOMOYO Linux Security Goal
- From: Tetsuo Handa <[email protected]>
- Re: TOMOYO Linux Security Goal
- From: "Serge E. Hallyn" <[email protected]>
- Re: TOMOYO Linux Security Goal
- From: Tetsuo Handa <[email protected]>
- TOMOYO Linux Security Goal
- Prev by Date: Re: [PATCH] jfs: clear PAGECACHE_TAG_DIRTY for no-write pages
- Next by Date: Oops involving RFCOMM and sysfs
- Previous by thread: Re: TOMOYO Linux Security Goal
- Next by thread: Re: TOMOYO Linux Security Goal
- Index(es):
 |