From: Russell Coker <russell@coker.com.au>
To: Tom <tom@lemuria.org>, SELinux Mail List <selinux@tycho.nsa.gov>
Subject: Re: policy under version control
Date: Tue, 2 Dec 2003 14:30:51 +1100 [thread overview]
Message-ID: <200312021430.51186.russell@coker.com.au> (raw)
In-Reply-To: <20031201202813.I16359@lemuria.org>
On Tue, 2 Dec 2003 06:28, Tom <tom@lemuria.org> wrote:
> It seems that in the long run we won't be able to do with a single
> default policy. We'll need a couple, or a modular approach. Something
> very much like Debian's tasksel or other tools for other distributions
> where you have 5-10 fields you can check what your machine is going to
> be, and the relevant policy is then assembled automatically.
I also see a need for multiple policy distributions, but I don't think that
they will be close enough to each other to enable them to productively be in
the same tree.
Some policy files such as core_macros.te can be in all policies, but most of
the .te files won't.
I think that policies will either be close enough that macros can be used to
merge them, or different enough that they can't be kept to gether in any way.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2003-12-02 3:31 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-11-29 13:26 policy under version control Andreas Schuldei
2003-11-29 15:05 ` Tom
2003-11-29 21:35 ` Russell Coker
2003-12-01 15:13 ` Stephen Smalley
2003-12-01 19:28 ` Tom
2003-12-01 22:53 ` Dale Amon
2003-12-02 3:30 ` Russell Coker [this message]
2003-12-02 7:08 ` Tom
2003-12-02 9:59 ` Brian May
2003-12-06 15:57 ` Colin Walters
2003-12-07 11:30 ` Tom
2003-12-07 13:41 ` Andreas Schuldei
2003-12-07 13:44 ` Russell Coker
2003-12-07 13:59 ` Tom
2003-12-07 13:57 ` Tom
2003-12-02 14:58 ` Colin Walters
2003-12-02 18:52 ` Tom
2003-12-03 13:34 ` Tom
-- strict thread matches above, loose matches on Subject: below --
2003-12-03 15:36 Karl MacMillan
2003-12-03 16:56 ` Serge E. Hallyn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200312021430.51186.russell@coker.com.au \
--to=russell@coker.com.au \
--cc=selinux@tycho.nsa.gov \
--cc=tom@lemuria.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.