From: Bill Laut <wlsel@verizon.net>
To: russell@coker.com.au
Cc: SELinux Mailing List <selinux@tycho.nsa.gov>
Subject: Re: Emacs major mode for policy editing
Date: Sat, 27 Sep 2003 16:24:17 -0400 [thread overview]
Message-ID: <200309271624.17976.wlsel@verizon.net> (raw)
In-Reply-To: <200309272024.54251.russell@coker.com.au>
On Saturday 27 September 2003 06:24 am, Russell Coker wrote:
> On Sat, 27 Sep 2003 12:09, Bill Laut wrote:
> > Yes, I had posted to the list that I was working on Security-Enhanced X
> > (or "s-ex," as Russell puckishly termed it) some time ago.
>
> Surely I can't have been the first person to notice the SE-X acronym!
>
Yours is the first use of it that I'm aware of. I probably noticed it at some
unconcious level, but didn't pay it much attention until you used it. One of
the signs of approaching middle age on my part, no doubt! :-(
>
> At this point I should mention that Security Enhanced X is an important
> development for Linux, it's something that we've been waiting far too long
> for, and when it's available I'm sure we won't be able to get enough of it.
>
I couldn't agree with you more. That's why, for my contribution, I want
everyone who is interested to review it and tell me where I'm in error, or
where something could be better designed, so that what I eventually release
to the group is a polished gem.
I have no ego problems with peer review/criticism whatsoever.
>
> We just have to make sure that it's correctly implemented to avoid viruses
> and unwanted child processes.
>
That's also why I threw in the reference to "extra homework" in my previous
post. For example, this could be a good excuse to go through XFree86 and
insure that there aren't any unrecognized buffer-overflow vulnerabilities.
It would be embarassing to say the least to release SE-X, only to have it
contain exploitable BO vulnerabilities--the very thing that SELinux is
advertised as protecting against.
The tact I intend to take is to break the implementation down into small,
manageable pieces that can progressively be built upon, until the project is
finally completed. This should help making the "lessons learned" from each
piece easier to integrate as well as speed up the overall implementation.
Bill
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2003-09-27 20:21 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-09-25 15:36 Emacs major mode for policy editing Eamon Walsh
2003-09-25 18:38 ` Chris PeBenito
2003-09-26 21:43 ` Bill Laut
[not found] ` <1064614177.5342.7.camel@moss-tarheels.epoch.ncsc.mil>
2003-09-27 2:09 ` Bill Laut
2003-09-27 10:24 ` Russell Coker
2003-09-27 20:24 ` Bill Laut [this message]
2003-09-28 3:43 ` Russell Coker
2003-09-28 17:25 ` Bill Laut
2003-09-29 1:33 ` Bill Laut
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200309271624.17976.wlsel@verizon.net \
--to=wlsel@verizon.net \
--cc=russell@coker.com.au \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.