On Wed, 2006-04-26 at 17:21 -0700, Casey Schaufler wrote:
>
> --- Stephen Smalley <[email protected]> wrote:
>
> > On Tue, 2006-04-25 at 20:42 -0700, Casey Schaufler
> > wrote:
>
> > > Conflating my forehead!
> >
> > The policy is analyzable, and there are tools (apol
> > and slat) that do precisely that.
>
> Ok. I remain unconvinced, in part because the analysis
> requires tools.
>
Not certain what you mean by requires - it is possible to do policy
analysis manually, though the tools certainly bring more rigor. Analysis
of SELinux policies is not simply possible in theory - it has been done
by us (Tresys) and others.
Karl
--
Karl MacMillan
Tresys Technology
www.tresys.com
> > Including information flow analysis
> > and invariant checking.
>
> Ok. Fair enough.
>
> > What's your problem, again?
>
> You keep asking that.
>
> I seem to have fallen off topic, which happens
> sometimes, and I apologize for falling into this
> long standing and overly religeous debate. I
> have failed to present my case with sufficient
> clarity to prove convincing once again. Perhaps
> one day I'll get it right. Perhaps one day I'll
> figure out why I'm wrong.
>
>
>
> Casey Schaufler
> [email protected]
> -
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]