On Oct 11, 2007, at 11:41:34, Casey Schaufler wrote:
--- Kyle Moffett <[email protected]> wrote:
[snipped]
I'm still waiting to see the proposed SELinux policy that does what
Smack does.
That *is* the SELinux policy which does what Smack does. I keep
having bugs in the perl-script I'm writing on account of not having
the time to really get around to fixing it, but that is exactly the
procedure for generating an SELinux policy from a SMACK policy.
I can accept that you don't see anything that can't be implemented
thus, but that's not the point. You've provided some really clear
design notes, and that's great, but it ain't the code. You said
that you could write a 500 line perl script that would do the whole
thing, and that left some people with an impression that Smack is a
subset of SELinux. Well, I'm already finding myself digging out
from under that missunderstanding, and with people who are assuming
that your policy has been done, "proving" the point.
I'd love to have time to finish the script but unfortunately real
life keeps interfering and I'm going to have to go back to lurking on
this thread.
Cheers,
Kyle Moffett
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
