From: Dominick Grift <dominick.grift@gmail.com>
To: Daniel J Walsh <dwalsh@redhat.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>,
Pavel Roschin <roshin@scriptumplus.ru>,
selinux@tycho.nsa.gov
Subject: Re: avtab dense hash table
Date: Fri, 06 Dec 2013 16:46:06 +0100 [thread overview]
Message-ID: <1386344766.2469.76.camel@d30> (raw)
In-Reply-To: <52A1DBA8.2050708@redhat.com>
On Fri, 2013-12-06 at 09:14 -0500, Daniel J Walsh wrote:
>
> We have been doing some consolidation in Fedora. We have combined spam tools
> into a single domain spamassassin. Might have been better to create a new
> policy for this.
>
> We have also created antivirus which combined all of the antivirus tools.
>
> The next big one I would like to see combined are mail servers and mail
> clients. (Elimination of all the different postfix domains, would eliminate
> large numbers of bugs over the years.)
>
>
Yes i am aware of the antivirus policy in Fedora. I did not merge that
into refpolicy (yet) because at that point i did not feel comfortable
with it. I probably thought it was too early to merge it, and wanted to
wait for some of the bugs to be ironed out in fedora first.
Some other consolidation changes i am not comfortable with (yet).
fortunately those mostly apply to refpolicy-base, and so it is not up to
be to decide whether to adopt those or not.
There are also some things i plain do not like the way it is implemented
now. For example modules that have combinations of domains that might
not strictly depend on each other. (one possible example might be rhcs
module). I like to keep domains separate as much as possible because
that provides flexibility. e.g. I could remove one or a few without
having to remove them all.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2013-12-06 15:46 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-05 9:04 avtab dense hash table Pavel Roschin
2013-12-05 14:15 ` Stephen Smalley
2013-12-05 15:49 ` Dominick Grift
2013-12-05 21:16 ` Stephen Smalley
2013-12-05 21:37 ` Dominick Grift
2013-12-06 13:51 ` Stephen Smalley
2013-12-06 14:14 ` Daniel J Walsh
2013-12-06 15:46 ` Dominick Grift [this message]
2013-12-06 16:01 ` Daniel J Walsh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1386344766.2469.76.camel@d30 \
--to=dominick.grift@gmail.com \
--cc=dwalsh@redhat.com \
--cc=roshin@scriptumplus.ru \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.