From: Guido Trentalancia <guido@trentalancia.com>
To: russell@coker.com.au
Cc: jwcart2@tycho.nsa.gov, SE-Linux <selinux@tycho.nsa.gov>
Subject: Re: SE Linux use - was: Question: and the policy grows...
Date: Fri, 18 Mar 2011 16:45:12 +0100 [thread overview]
Message-ID: <1300463112.17276.16.camel@tesla.lan> (raw)
In-Reply-To: <201103190133.46695.russell@coker.com.au>
On Sat, 19/03/2011 at 01.33 +1100, Russell Coker wrote:
> On Sat, 19 Mar 2011, James Carter <jwcart2@tycho.nsa.gov> wrote:
> > > NSA people: How many subscribers are there to this list outside .gov?
> > >
> > >
> >
> > 887
> >
> > There are 30 people who have posted 10 or more messages in the last
> > year.
>
> On Sat, 19 Mar 2011, "Christopher J. PeBenito" <cpebenito@tresys.com> wrote:
> > > Tresys people: How many subscribers to the refpolicy list are outside
> > > .gov?
> >
> > 95
You see Russell, I wasn't too wrong on that (apologies again for
misspelling your first name). SELinux should not be considered. My
original message was posted on refpolicy and was only about policy
development ("this list").
> Any theories as to why are there almost 10* more people on the main list?
>
> It seems to me that policy development is easier to get involved with than all
> other types of SE Linux development, and it's more required. One can do a lot
> of SE Linux work without touching any of the C code, but it's not possible to
> do much outside the distribution defaults without writing some policy.
I do not agree with you. MAC policy development requires knowledge of
the whole underlying OS including very silly details about location of
files (and including very silly details such as tiny differences in
different distributions). Developing SELinux userspace mostly requires
knowledge of libc, libselinux and friends (which have extensive
documentation as info and man pages as opposed to very short embedded
comments for interfaces in the .if files). Developing SELinux kernel is
probably something in between the two things when it comes to
difficulty, at least in my perception.
Writing C code is easier at least for me. And testing C code is easier
at least for me. For example the C compiler gives much more meaningful
warnings and messages. And you've got the debugger as well !
At the very least policy development is more tedious in my opinion.
But all of this is subject to personal attitudes and other similar
factors.
Regards,
Guido
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2011-03-18 15:45 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-03-17 13:50 [refpolicy] Question: and the policy grows Guido Trentalancia
2011-03-17 14:25 ` Daniel J Walsh
2011-03-17 16:04 ` Guido Trentalancia
2011-03-17 16:44 ` Daniel J Walsh
2011-03-17 17:54 ` Christopher J. PeBenito
2011-03-17 18:34 ` Daniel J Walsh
2011-03-17 19:49 ` Daniel J Walsh
2011-03-18 13:30 ` Christopher J. PeBenito
2011-03-17 20:15 ` Guido Trentalancia
2011-03-18 13:35 ` Christopher J. PeBenito
2011-03-18 15:25 ` Guido Trentalancia
2011-03-17 19:40 ` Guido Trentalancia
2011-03-17 19:55 ` Daniel J Walsh
2011-03-17 20:27 ` Guido Trentalancia
2011-03-18 13:38 ` Christopher J. PeBenito
2011-03-17 20:24 ` Sven Vermeulen
2011-03-17 21:08 ` Guido Trentalancia
2011-03-17 21:34 ` Sven Vermeulen
2011-03-17 23:04 ` Guido Trentalancia
2011-03-18 13:52 ` Christopher J. PeBenito
2011-03-18 15:20 ` Guido Trentalancia
2011-03-17 23:08 ` Mark Montague
2011-03-18 6:06 ` Sven Vermeulen
2011-03-18 10:19 ` Dominick Grift
2011-03-18 12:31 ` Guido Trentalancia
2011-03-17 22:56 ` Mark Montague
2011-03-18 10:12 ` Dominick Grift
2011-03-18 13:37 ` Stephen Smalley
2011-03-18 15:37 ` Dominick Grift
2011-03-17 23:24 ` SE Linux use - was: " Russell Coker
2011-03-18 0:33 ` Guido Trentalancia
2011-03-18 2:11 ` Jason Axelson
2011-03-18 13:23 ` James Carter
2011-03-18 14:33 ` Russell Coker
2011-03-18 14:57 ` Christopher J. PeBenito
2011-03-18 15:48 ` Guido Trentalancia
2011-03-18 23:40 ` Russell Coker
2011-03-18 15:45 ` Guido Trentalancia [this message]
2011-03-18 23:52 ` Russell Coker
2011-03-19 14:37 ` Guido Trentalancia
2011-03-18 14:08 ` Christopher J. PeBenito
2011-03-18 13:45 ` [refpolicy] " Christopher J. PeBenito
2011-03-18 15:09 ` Guido Trentalancia
2011-03-18 17:14 ` [refpolicy] dual mailing list (was Question: and the policy grows...) Guido Trentalancia
2011-03-18 18:40 ` Daniel J Walsh
2011-03-18 19:13 ` Guido Trentalancia
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1300463112.17276.16.camel@tesla.lan \
--to=guido@trentalancia.com \
--cc=jwcart2@tycho.nsa.gov \
--cc=russell@coker.com.au \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.