Re: [RFC][PATCH 0/11] security: AppArmor - Overview

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2006-04-26 at 17:21 -0700, Casey Schaufler wrote:
> 
> --- Stephen Smalley <[email protected]> wrote:
> 
> > On Tue, 2006-04-25 at 20:42 -0700, Casey Schaufler
> > wrote:
> 
> > > Conflating my forehead!
> > 
> > The policy is analyzable, and there are tools (apol
> > and slat) that do precisely that.
> 
> Ok. I remain unconvinced, in part because the analysis
> requires tools.
> 

Not certain what you mean by requires - it is possible to do policy
analysis manually, though the tools certainly bring more rigor. Analysis
of SELinux policies is not simply possible in theory - it has been done
by us (Tresys) and others.

Karl

-- 
Karl MacMillan
Tresys Technology
www.tresys.com

> > Including information flow analysis
> > and invariant checking.
> 
> Ok. Fair enough.
> 
> > What's your problem, again?
> 
> You keep asking that.
> 
> I seem to have fallen off topic, which happens
> sometimes, and I apologize for falling into this
> long standing and overly religeous debate. I
> have failed to present my case with sufficient
> clarity to prove convincing once again. Perhaps
> one day I'll get it right. Perhaps one day I'll
> figure out why I'm wrong.
> 
> 
> 
> Casey Schaufler
> [email protected]
> -
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to [email protected]
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux