Core 2 SELinux installation
Matthew Miller
mattdm at mattdm.org
Fri Apr 30 17:37:48 UTC 2004
On Fri, Apr 30, 2004 at 12:14:08PM -0400, Stephen Smalley wrote:
> One thing to consider is that the "relaxed" policy may actually end up
> being more "secure" for the set of security goals it targets. Perhaps a
> better term than "relaxed" would be "specialized" or "targeted". Given
> a small focused set of security goals, you can more easily specify the
> policy and analyze it for exceptions. In contrast, when you try to put
> every process in its own sandbox while supporting existing functionality
> (particularly functionality that isn't used to living in sandboxes), it
> becomes very difficult to analyze the resulting large, complex policy to
> see whether it meets your higher level goals (e.g. don't let apache
> subvert a trusted process).
This sounds like a very good approach, and is much less threatening to a
sysadmin with a large base of systems and users that are all basically
working fine now.
--
Matthew Miller mattdm at mattdm.org <http://www.mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
More information about the selinux
mailing list