From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Thu, 31 Mar 2005 23:13:00 +0200 From: Tom To: Stephen Smalley Cc: Casey Schaufler , Ivan Gyurdiev , selinux@tycho.nsa.gov Subject: Re: Desktop apps interoperability Message-ID: <20050331231259.B2607@lemuria.org> References: <20050331160546.36303.qmail@web31615.mail.mud.yahoo.com> <1112285287.11216.114.camel@moss-spartans.epoch.ncsc.mil> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii In-Reply-To: <1112285287.11216.114.camel@moss-spartans.epoch.ncsc.mil>; from sds@tycho.nsa.gov on Thu, Mar 31, 2005 at 11:08:07AM -0500 Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov On Thu, Mar 31, 2005 at 11:08:07AM -0500, Stephen Smalley wrote: > > Look here, sonny, I've been doing MLS systems > > since 1986 and the One Truth You Must Learn > > is that applications can not be changed. No. > > Don't even consider thinking in this direction. > > This is wrong. Sometimes all that's available > > is the binary. Sometimes they like the way it > > works. > > Ah, yes. That's certainly the example we should be following...the > example set by past trusted/MLS OSes. No thanks, we're trying to solve > real problems here... He does have a point, though - sometimes the application can not be changed. It may be a legacy application and for all I care, those are the ones most in need of a protective cage. -- http://web.lemuria.org/pubkey.html pub 1024D/2D7A04F5 2002-05-16 Tom Vogt Key fingerprint = C731 64D1 4BCF 4C20 48A4 29B2 BF01 9FA1 2D7A 04F5 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.