Alan M. Evans wrote:
On Mon, 2007-09-24 at 17:43 -0500, Mike McCarty wrote:
I KNOW what SELinux is. I KNOW how it is intended to work.
Then why do you keep making demonstrably false statements about it? You
started off saying that your hardware firewall provided sufficient
protection. Then you kept screaming that you knew all about how it
For my machine, yes.
worked even as multiple people tried in vain to explain that SELinux was
there to help in cases that the firewall wouldn't help with. More
I understand what it is intended to do.
recently, you've claimed that it works, mechanically, just like MSDOS
Flu-shot+. To those who actually know what SELinux is about, neither of
those is true.
No, not "just like..." anything. However, it works similarly
in attempting to trap accesess which are considered suspect.
I wasn't trying to draw any closer analogy than that.
How many times does THAT need to be explained?
Until that other Mike McCarty stops posting crap about SELinux.
The apps I'm talking about are find, ls, mv, cp, ssh, etc.
Since the file contexts are required by the kernel, I see no reason
(none) that ls shouldn't be able to show them to me based on a command
line parameter. Otherwise, it's not "taking up cycles" as you have said.
Yes, "ls" doesn't. Other things do. I don't see why "ls" would need
to do anything more than have a few more bytes to format the state
of the extended attributes.
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!