On Mon, 2004-09-20 at 15:35, Daniel J Walsh wrote: > When FC2 was released we attempted to add the NSA strict policy to the > operating system. Daniel, could you wrap your lines a little shorter? It seems to be set at nearly 100 characters now. > We decided at that point to take a step back and go with a strategy > where we would lock down > a few daemons with SELinux and allow the rest of the system to run in > the same manner with > or without SELinux. Targeted policy was born. > Will targeted policy be the default for FC3? > Strict policy is still available but will be not be installable > directly, you can use selinux-config-securitylevel to turn it on > and relabel the file system. > Perhaps that might be best changed to "system-config-selinux" for consistency? I frequently type "system-config-<TAB>" to find useful sysadmin commands and I'd miss that one without ever knowing. Cheers, -- Rodolfo J. Paiz <rpaiz@xxxxxxxxxxxxxx> Simpaticus.com
