SELinux and LFS - Nick Gray

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Nick Gray <nagray@austin.rr.com>
To: "selinux@tycho.nsa.gov" <selinux@tycho.nsa.gov>
Subject: SELinux and LFS
Date: 07 May 2003 11:02:49 -0500	[thread overview]
Message-ID: <1052323369.1487.46.camel@celestial> (raw)

All,

I introduced myself several months back. I work on a MLS project for the
ONI. We have been evaluating SELinux for awhile. A couple of months ago
I raise a question, within our group, about the viability of using
RedHat as a base for a secure system. I believe that certification of a
system based on a (almost any) distribution would be rather difficult to
achieve. This coupled with the fact that a Redhat server that was under
scrutiny here at the lab, continued to contact Redhat via HTTPS despite
my efforts to remove the software responsible. I actually found circular
dependencies in the packages.

This led me to the question, Does anyone remember when we used to build
this things from scratch. In answer to that question, I found a web site
which I have been playing with for the last couple of weeks called
appropriately enough "Linux from Scratch" so far I have been able to use
LFS as the starting point for a CDROM based Linux gateway/firewall.I
started a build of SELinux on a LFS system, but had several problems
including discovering what I believe are a couple bugs in the code.I
have put it aside for the moment to work on a couple of other things,
but I will return to this when I get the chance.

I am interested in whether anyone on the list has used this as the
starting point for SELinux and what the results where. 

In the next day or so I will post the problem I found in the makefile.
Perhaps it is either a known issue or doesn't come up on Redhat based
systems. In a separate post I will address a problem I found in string.h
(as soon as I get a chance to figure out what the problem is)

Don't get me wrong, I have nothing against Redhat. I'm just not sure
that I could keep a straight face when placing this in front of the
accreditors.

Any comments/discussion would be appreciated 

Nick Gray
Senior Network Engineer
Bruzenak Inc.

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

next             reply	other threads:[~2003-05-07 16:02 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-05-07 16:02 Nick Gray [this message]
2003-05-07 17:43 ` SELinux and LFS Russell Coker
2003-05-07 19:03   ` Richard Troth
2003-05-07 18:09 ` Keith Bottner
2003-05-07 21:01 ` ccallen
  -- strict thread matches above, loose matches on Subject: below --
2007-02-14 17:38 Vincenzo Ciaglia
2007-02-14 18:08 ` Christopher J. PeBenito
2007-02-14 18:17   ` Christopher J. PeBenito
2007-02-14 20:34     ` Karl MacMillan
2007-02-14 22:10   ` Vincenzo Ciaglia
2007-02-15 13:55   ` Vincenzo Ciaglia
2007-02-15 18:41     ` Stephen Smalley
2007-02-15 19:35       ` Vincenzo Ciaglia
2007-02-15 19:48         ` Stephen Smalley
2007-02-15 17:16   ` Vincenzo Ciaglia
2007-02-15 19:12 ` Stephen Smalley
2007-02-15 19:23   ` Vincenzo Ciaglia
2007-02-15 19:31     ` Stephen Smalley
2007-02-15 19:58       ` Vincenzo Ciaglia
2007-02-15 20:03         ` Stephen Smalley
2007-02-15 20:23           ` Vincenzo Ciaglia
2007-02-15 20:34             ` Stephen Smalley
2007-02-15 20:42               ` Vincenzo Ciaglia
2007-02-15 20:56                 ` Eric Paris
2007-02-15 20:59                   ` Stephen Smalley
2007-02-15 21:53                     ` Vincenzo Ciaglia
2007-02-15 21:01                   ` Vincenzo Ciaglia
2007-02-15 21:47                   ` Vincenzo Ciaglia
2007-02-16 12:16                     ` Vincenzo Ciaglia
2007-02-16 15:13                       ` Stephen Smalley
2007-02-16 16:44                         ` Vincenzo Ciaglia
2007-02-16 17:04                           ` Stephen Smalley
2007-02-16 17:52                             ` Vincenzo Ciaglia
2007-02-16 17:55                               ` Stephen Smalley

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1052323369.1487.46.camel@celestial \
    --to=nagray@austin.rr.com \
    --cc=selinux@tycho.nsa.gov \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.