From mboxrd@z Thu Jan  1 00:00:00 1970
From: James Morris <jmorris@namei.org>
Subject: Re: AppArmor FAQ
Date: Tue, 17 Apr 2007 16:50:06 -0400 (EDT)
Message-ID: <Line.LNX.4.64.0704171647020.20447@d.namei>
References: <657751.18080.qm@web36614.mail.mud.yahoo.com>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Cc: Andi Kleen <andi@firstfloor.org>, linux-kernel@vger.kernel.org,
	linux-security-module@vger.kernel.org,
	linux-fsdevel@vger.kernel.org
To: Casey Schaufler <casey@schaufler-ca.com>
Return-path: <linux-fsdevel-owner@vger.kernel.org>
Received: from mail8.sea5.speakeasy.net ([69.17.117.10]:56190 "EHLO
	mail8.sea5.speakeasy.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1031207AbXDQUuJ (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Tue, 17 Apr 2007 16:50:09 -0400
In-Reply-To: <657751.18080.qm@web36614.mail.mud.yahoo.com>
Sender: linux-fsdevel-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

On Tue, 17 Apr 2007, Casey Schaufler wrote:

> those names it cares about. SELinux in the absence of a correct and
> complete policy could be considered dangerous.

It should be noted that SELinux is only recommended as an addition to DAC, 
not a replacement, so that it can only further restrict existing access 
control.


- James
-- 
James Morris
<jmorris@namei.org>