From: Dominick Grift <dominick.grift@gmail.com>
To: "Radzykewycz, T (Radzy)" <radzy@windriver.com>
Cc: Daniel J Walsh <dwalsh@redhat.com>,
Bruno Wolff III <bruno@wolff.to>,
Tony Scully <tonyjscully@gmail.com>,
SELinux <selinux@tycho.nsa.gov>
Subject: Re: SELinux Coloring book?
Date: Wed, 13 Nov 2013 20:25:43 +0100 [thread overview]
Message-ID: <1384370743.30406.76.camel@d30> (raw)
In-Reply-To: <1384369308.30406.70.camel@d30>
On Wed, 2013-11-13 at 20:01 +0100, Dominick Grift wrote:
> On Wed, 2013-11-13 at 18:37 +0000, Radzykewycz, T (Radzy) wrote:
> > General question:
> >
> > Does the "coloring book" really need to cover all aspects of security, and cover them in depth? If this is a kindergarten grade level introduction, then explaining all the nuances of priority may be too much to ask. If it is for more experienced audiences, then why does it need to be a coloring book?
> >
> > See Spot. See Spot run. See Spot manage the pack's dominance hierarchy through vociferous displays of aggressive behavior. Run, Spot, run!
> >
>
> Yes, good point
>
> But why favor one aspect over another?
>
> Also in SELinux everything is associated one way or another. If you
> leave out pieces, then you end up with loose ends. Loose end can be
> confusing
>
> If you're comprehensive, then pieces tend to fall into place
>
> That helps getting the overall big picture
>
What i am suggesting here is that sometimes, what seems like a longer
route initially, may end up being the shortest route after all in my
view
I sincerely think that it is better to be comprehensive, than to cherry
pick some aspects if your aim is to provide the audience with the big
picture
Plus, i think dominance hierarchy, and "no read up/no write down" can
also be explained through simple illustrations
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2013-11-13 19:25 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-13 15:10 SELinux Coloring book? Daniel J Walsh
2013-11-13 16:00 ` Paul Howarth
2013-11-13 16:11 ` Daniel J Walsh
[not found] ` <CAKuJGC9FTi__fc6+4O9nViDiCnT-+xrsFvR+E4FXAfML8x+QSQ@mail.gmail.com>
2013-11-13 17:13 ` leo kirotawa
[not found] ` <1bddae0010527398cc85d89bb8f1aad9.squirrel@host290.hostmonster.com>
[not found] ` <CAMk6u_TUztYjqUTFCd5ukcHWOYt=cJaJv2ARvw-RafcVAAVUQw@mail.gmail.com>
[not found] ` <20131113171326.GA13491@wolff.to>
2013-11-13 17:35 ` Dominick Grift
2013-11-13 18:10 ` Daniel J Walsh
2013-11-13 18:37 ` Radzykewycz, T (Radzy)
2013-11-13 19:01 ` Dominick Grift
2013-11-13 19:25 ` Dominick Grift [this message]
2013-11-13 20:58 ` Radzykewycz, T (Radzy)
2013-11-14 1:48 ` Casey Schaufler
2013-11-14 11:55 ` Dominick Grift
2013-11-13 18:07 ` Daniel J Walsh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1384370743.30406.76.camel@d30 \
--to=dominick.grift@gmail.com \
--cc=bruno@wolff.to \
--cc=dwalsh@redhat.com \
--cc=radzy@windriver.com \
--cc=selinux@tycho.nsa.gov \
--cc=tonyjscully@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.