No more selinux-policy-*-sources
Stephen Smalley
sds at tycho.nsa.gov
Tue Mar 14 15:36:14 UTC 2006
On Tue, 2006-03-14 at 15:13 +0100, Arjan van de Ven wrote:
> > Not an answer to your question but there's an interesting discussion on
> > AppArmor and SELinux in Dan Walsh's blog:
> >
> > http://danwalsh.livejournal.com/424.html
>
>
> maybe it's time to accept that SELinux as technology is doomed. Not
> because the code is bad, but because it's Just Too Complex(tm).
> Complexity kills, and I think the time it is taking to get to the point
> where at least less than 99% of the people turns selinux off first thing
> is waay too long already.
>
> Maybe it's a matter of focus; sometimes I get the impression the focus
> is to give more coverage rather than to get the existing coverage to the
> point where people use it... but maybe the later is just so much work
> and so time consuming that it takes more time to get it than it takes
> the codebase to change again.
No, there is quite a bit of ongoing work on improving useability for
SELinux, including several new higher level tools that have been
recently released. But don't conflate the user interface with the
mechanism - if you limit the OS access control mechanism by what is
immediately useable by end users, then you end up with a solution that
can never be secure (to wit: AppArmor and its path-based
configurations). You need to get the mechanism right first, which is
what we've done in SELinux, and then you build the nice UI on top of
that. You might find the Useability discussion from the SELinux summit
of interest, see the summit minutes at:
http://www.selinux-symposium.org/2006/summit.php
--
Stephen Smalley
National Security Agency
More information about the devel
mailing list