Stephen Smalley wrote:
> So how would people feel about a separate relaxed policy that allows
> everything in the system to run completely unconfined except for a small
> set of specific services, e.g. apache, bind, postfix, ...

This sounds like a big change of direction, but I think it would be
useful for servers. It would also be a good starting point for people
developing their own policies.

It might also be good to introduce SELinux gradually, taking the easy
security gains first. It's comparatively easy to isolate things like
Apache, so one approach would be to take that improvement while
continuing to work on the rest.

Has anyone attempted to add type enforcement to a commercial desktop
operating system before? I haven't heard of it being done; as far as I
know the various distros' SELinux projects are breaking new ground.
That is probably one reason why it is turning up more problems than
expected.

Pete