On Fri, Apr 30, 2004 at 10:03:51AM -0400, Stephen Smalley wrote:
On Fri, 2004-04-30 at 09:24, Jeremy Katz wrote:
> I think (consistent with my view a few months ago :-) that this is a
> very good idea. At the same time, it's something that's clearly not
> realistic to target for FC2 since the last test release just went out
> and so it'd be going out with very little testing.
That's fine; it can always be introduced post-FC2. It matters little
for FC2 given that SELinux will be disabled by default for it anyway.
Yes a small focused policy is a good thing and much better than
apparently inviting people to boot with SELinux off.
This would keep the security checking code paths active, but with a
minimum list of things to check the impact would be minimized. This
includes syslog noise as well.
A minimized policy would remove much demand to remove or hobble the
kernel side mechanism and minimize any divergence that developers
might wish to introduce.
I happen to like the current effort to "classify everything" but this
is a big task. Since not all packages that folks like to use pass
through RH hands the task is almost unbounded.
--
T o m M i t c h e l l
/dev/null the ultimate in secure storage.