From: Junji Kanemaru <linux@linuon.com>
To: ivg2@cornell.edu
Cc: Luke Kenneth Casson Leighton <lkcl@lkcl.net>,
Joshua Brindle <jbrindle@tresys.com>,
alexander-barclay@utulsa.edu, Brandon Pollet <brandon@utulsa.edu>,
SELinux@tycho.nsa.gov, John Hale <john-hale@utulsa.edu>
Subject: Re: XML Based Policy Configuration for SELinux
Date: Tue, 28 Jun 2005 01:01:48 +0900 [thread overview]
Message-ID: <42C022EC.8000701@linuon.com> (raw)
In-Reply-To: <1119486152.7677.15.camel@localhost.localdomain>
Hi guys,
I'm impressed xml based policy discussion here.
Is there XML based policy project home page that you are working on?
The idea, having policy in XML is similar to what we have been discussing
here in Japan.
What we are thinking is:
1) Policy maintainer creates policy source
2) Convert the source to XML and put them into XMLDB using tool
3) Users(regular admins I'd say) pickup and download policy fragments
what exactly they need from XMLDB with XML query
4) Then convert the XML source to regular policy source and compile
and apply.
Some people would think it is wasteful, why not having raw policy
source in DB. But I think XML makes things easier for adding, modifing
and deleting some part of policy.
IMO, currently it is very difficult to find dependencies in the policy source
but if we have it in XML it is easier.
-- Junji
Linuon Inc.
Tokyo Japan
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
prev parent reply other threads:[~2005-06-27 16:01 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-06-21 17:37 XML Based Policy Configuration for SELinux Brandon Pollet
2005-06-21 18:49 ` Luke Kenneth Casson Leighton
2005-06-21 19:59 ` alexander-barclay
2005-06-21 21:20 ` Luke Kenneth Casson Leighton
2005-06-21 22:11 ` Alex Barclay
2005-06-21 23:45 ` Joshua Brindle
2005-06-22 0:41 ` Luke Kenneth Casson Leighton
2005-06-22 3:46 ` Joshua Brindle
2005-06-22 5:33 ` Luke Kenneth Casson Leighton
2005-06-22 11:22 ` Joshua Brindle
2005-06-22 22:38 ` Luke Kenneth Casson Leighton
2005-06-23 0:22 ` Ivan Gyurdiev
2005-06-27 16:01 ` Junji Kanemaru [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=42C022EC.8000701@linuon.com \
--to=linux@linuon.com \
--cc=SELinux@tycho.nsa.gov \
--cc=alexander-barclay@utulsa.edu \
--cc=brandon@utulsa.edu \
--cc=ivg2@cornell.edu \
--cc=jbrindle@tresys.com \
--cc=john-hale@utulsa.edu \
--cc=lkcl@lkcl.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.