Re: SELinux Coloring book?

[Casey Schaufler <casey@schaufler-ca.com>]

On 11/13/2013 12:58 PM, Radzykewycz, T (Radzy) wrote:
> Yes, I don't disagree with anything you've said.
>
> My point is that this is supposed to be simple and easy-to-understand.  It's intended (I think) to address the complaint that many people have, that SE Linux is too complex, which I'm sure you've all heard.

The coloring book is cute. Good job, well done.

> If it gets too complex, then people will stop reading, and just continue with their current pre-conception that it's "too hard."  If that happens, then the effort to put it together is wasted.  I don't want that.  I would prefer if this allows people to get past their "too hard" ideas.  And all complexity that is added makes that more probable.  Even the goal of addressing the big picture, at all, makes it more complex.

Well, there is that.


> If a kid is learning "see spot" then the idea of a pack dominance hierarchy is advanced material, as is mention of displays of aggressive behavior.  To say nothing of the mere word "vociferous."  The pack dominance hierarchy and descriptions of behavior are necessary for the big picture, but they aren't basic introductory material.
>
> I don't think there isn't room for improvement.  I just hope that trying for the big picture confuses more people than it needs to, especially since too many people already think it's too complex.
>
> I also think that it's pretty good, as it is right now, for what it is trying to do.  So: kudos to the authors!  :)
>
>
> ________________________________________
> From: Dominick Grift [dominick.grift@gmail.com]
> Sent: Wednesday, November 13, 2013 10:25 AM
> To: Radzykewycz, T (Radzy)
> Cc: Daniel J Walsh; Bruno Wolff III; Tony Scully; SELinux
> Subject: Re: SELinux Coloring book?
>
> On Wed, 2013-11-13 at 20:01 +0100, Dominick Grift wrote:
>> On Wed, 2013-11-13 at 18:37 +0000, Radzykewycz, T (Radzy) wrote:
>>> General question:
>>>
>>> Does the "coloring book" really need to cover all aspects of security, and cover them in depth?  If this is a kindergarten grade level introduction, then explaining all the nuances of priority may be too much to ask.  If it is for more experienced audiences, then why does it need to be a coloring book?
>>>
>>> See Spot.  See Spot run.  See Spot manage the pack's dominance hierarchy through vociferous displays of aggressive behavior.  Run, Spot, run!
>>>
>> Yes, good point
>>
>> But why favor one aspect over another?
>>
>> Also in SELinux everything is associated one way or another. If you
>> leave out pieces, then you end up with loose ends. Loose end can be
>> confusing
>>
>> If you're comprehensive, then pieces tend to fall into place
>>
>> That helps getting the overall big picture
>>
> What i am suggesting here is that sometimes, what seems like a longer
> route initially, may end up being the shortest route after all in my
> view
>
> I sincerely think that it is better to be comprehensive, than to cherry
> pick some aspects if your aim is to provide the audience with the big
> picture
>
> Plus, i think dominance hierarchy, and "no read up/no write down" can
> also be explained through simple illustrations
>
>
>
>
>
>
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
>


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.