SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Skip Research Menus

Research Menu

Research Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: 2.4-based SELinux This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] [ Replies ] From: Miguel Bolanos <mike_at_linuxlabs.com> Date: Tue, 10 Feb 2004 12:40:24 -0600 Greetings Stephen. hope all is well. Sure Compatibility is now an issue, but i do believe there is still several people out whom will want to keep 2.4 for a while, that includes myself. If the 2.4-based SELinux is going to be maintained by people outside NSA, I would like to contribute with the team doing this work. best regards Miguel. On Tue, 2004-02-10 at 09:44, Stephen Smalley wrote: > Hi, > > In the last nsa.gov release of SELinux, the 2.4-based SELinux (the back > port of the 2.6-based SELinux) began to lag behind the 2.6-based > SELinux, e.g. the new signal and resource limit inheritance controls and > the restored network access controls were only implemented for the > 2.6-based SELinux. The gulf between the two versions has grown further > since that release, as all new development has only been done for the > 2.6-based SELinux (e.g. port-based controls, getpeercon support, mount > context options, conditional policy extensions) and we have reached the > point where compatibility is once again an issue, although you can still > uncomment the POLICYCOMPAT definition in the policy Makefile to build > the older policy format. > > While the 2.4 back port served a useful purpose for a time in allowing > people to start migrating to the new SELinux API and to using extended > attributes for file security contexts without immediately jumping to > 2.6, there seems to be little reason to continue maintaining it for much > longer, and we are really only maintaining it for newer base kernels at > present. Hence, I expect that a final snapshot of it will be migrated > to the historical versions page in the future. If you have concerns > with this, let us know, although we really don't plan on continuing to > maintain it ourselves. Someone else could certainly seek to maintain > it, but I'm not sure that it would be worthwhile, as Fedora Core 2 > appears to only be 2.6-based. -- ----------------------miguel bolanos, systems administrator, linux labs ... ........ ..... .... 230 peachtree st nw ste 2701 the original linux labs atlanta.ga.us 30303 -since 1995 http://www.linuxlabs.com office 404.577.7747 fax 404.577.7743 ----------------------------------------------------------------------- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Tue 10 Feb 2004 - 13:42:42 EST This message: [ Message body ] Next message: Andreas Schuldei: "Re: 2.4-based SELinux" Previous message: Stephen Smalley: "2.4-based SELinux" In reply to: Stephen Smalley: "2.4-based SELinux" Next in thread: Stephen Smalley: "Re: 2.4-based SELinux" Reply: Stephen Smalley: "Re: 2.4-based SELinux" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom