Alan M. Evans wrote:
On Mon, 2007-09-24 at 15:58 -0500, Mike McCarty wrote:
Because SELinux is not a "thing", it is a way of writing apps.
No, no no! How many times does this have to be explained?
See below. My objection to SELinux is not due to my ignorance
of what it is.
Applications don't need to know anything about SELinux in order to be
under its purview. Only applications that need to interact with SELinux
I didn't say that. You are arguing against something I emphatically
did not say. I particularly object to you asking "how many times
does this have to be explained" like I am some sort of idiot.
in some way need to know about it. I can easily write a program that
tries to open a forbidden resource and SELinux can most easily prevent
it despite that my application only #includes stdio.h and knows nothing
of the hidden hand that blocks it.
I KNOW what SELinux is. I KNOW how it is intended to work.
How many times does THAT need to be explained?
The apps I'm talking about are find, ls, mv, cp, ssh, etc.
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!