SELinux and third party installers
Stephen Smalley
sds at epoch.ncsc.mil
Mon Jan 3 16:08:56 UTC 2005
On Mon, 2005-01-03 at 11:08, Mike Hearn wrote:
> Yeah this makes it rather hard for 3rd parties to track what's going on
> here. Why can this stuff not all be done upstream and just merged with
> Fedora at regular intervals?
Fedora Core is the de facto "upstream" as far as SELinux modifications
to userland are concerned. Red Hat took over maintaining the SELinux
userspace patches back in early 2003 when Dan Walsh ported them to the
2.6 SELinux API and started expanding them to more programs to provide
better integration into the distribution. NSA is only maintaining the
core SELinux code now, i.e. the SELinux kernel code and the core set of
new SELinux userland packages (libsepol, libselinux, checkpolicy,
policycoreutils, policy). Information about patched userland for other
distros is at the selinux sourceforge site, http://selinux.sf.net. I'd
expect that the SELinux userland patches will eventually go into the
upstream packages (in cases where there is still an upstream
maintainer), but that wasn't likely to happen before the Fedora
integration.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the selinux
mailing list