SELinux - a call for end-of-life.
Kevin Fenzi
kevin at scrye.com
Wed Sep 1 15:59:35 UTC 2010
On Wed, 1 Sep 2010 12:35:14 +0000 (UTC)
JB <jb.1234abcd at gmail.com> wrote:
...snip...
> This is my idea of the new security concept:
> - it should be real-time (operating in a background)
> - it should be modular in the sense of traditional small, single
> function, and stand-alone UNIX utilities
> - it has to be simple to be acceptable and understandable by all sys
> admins and users of UNIX/Linux systems
> - it should be configurable:
> - by sys admin and user (selectively)
> - at any time
> - dynamically
> - it should show various diagnostics (alarms) in real-time, but never
> interfere with or prevent a program from execution.
> At least that should be a default behavior.
> - it should not interfere with / try to undo any present and standard
> UNIX/Linux system security measures
> - it should be supplementary to existing UNIX/Linux system security
> - it should be self-contained, installable and removable at any time,
> without influencing the system
>
> I am sure others will add to and extend it, but in the spirit of
> improvement. JB
Feel free to start a new project, develop it and then ask for buy in
from distros. Until you have something that is better, calling for the
removal of selinux is a non starter. ;)
I would suggest that this list is not the place to develop a new
security framework. There's any number of free software project sites
out there you can use to setup your community.
Good luck!
kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20100901/a142f2ee/attachment.bin
More information about the users
mailing list