On Tue January 16 2007 12:49 am, Lyvim Xaphir wrote: > Selinux=0 may completely evacuate all selinux code from the boot > process. Then, on the other hand, it may not. Maybe you guys are thinking about this all wrong. Suppose that Selinux is really a diversion. By forcing the question of mandatory access controls at the kernel level, there's a team of specialists being trained who are mastering in great depth, the detailed minutiae of how each daemon they program for, functions at the lowest levels. The goal is to create the specialist team that knows every hook, every detail, of low level operations of all major sofware running in the OS. Maybe I'm smoking too many cigars... -- Claude Jones Brunswick, MD, USA
