Re: SELinux port for 2.4.28 (and incoming backport from 2.6) released.

[Lorenzo Hernandez Garcia-Hierro <lorenzo@gnu.org>]

[-- Attachment #1: Type: text/plain, Size: 1166 bytes --]

Hi Stephen,

El lun, 06-12-2004 a las 09:21 -0500, Stephen Smalley escribió:
> On Sat, 2004-12-04 at 15:38, Lorenzo Hernandez Garcia-Hierro wrote:
> > I've not tested it yet, but hopefully works.
> 
> For that kernel, you'll have to pass the -c 15 option to checkpolicy to
> tell it to build a version 15 policy, as the 2.4-based SELinux doesn't
> support newer policy versions.  Specifically, the 2.4-based SELinux was
> never updated for the conditional policy support (policy booleans), ipv6
> support, and fine-grained netlink classes.  See
> http://marc.theaimsgroup.com/?l=selinux&m=107643944721568&w=2.

Yes, the conditional policy (v16) could be ported to it, as i have the
diff of the first release (2.6) that came with it, anyway, other stuff
could be hard to backport.

It would be great to have somewhere a SCM to see real diffs and the
evolution of the 2.6 brand, and the old 2.4 one, to compare what things
need to be backported and how to do it.

I will take a look in it later.

Cheers,
-- 
Lorenzo Hernández García-Hierro [1024D/6F2B2DEC]
Hardened Debian head developer & project manager.
http://www.debian-hardened.org 

[-- Attachment #2: Esta parte del mensaje está firmada digitalmente --]
[-- Type: application/pgp-signature, Size: 189 bytes --]