SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Skip Research Menus

Research Menu

Research Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: Updated SELinux Release This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] [ Replies ] From: Luke Kenneth Casson Leighton <lkcl_at_lkcl.net> Date: Thu, 4 Nov 2004 13:15:44 +0000 On Thu, Nov 04, 2004 at 01:02:35AM -0600, Manoj Srivastava wrote: > On Wed, 03 Nov 2004 21:15:38 -0500, Colin Walters <walters@verbum.org> said: > > > On Wed, 2004-11-03 at 19:21 +0000, Dhruv Gami wrote: > >> Personally, i would prefer to have those two tarballs available. I > >> know most people using SELinux are familiar with patching the > >> kernel, and are generally familiar with how Linux works and know > >> their way around on a Linux system. > > > But moving forward, we don't want people to have to patch their > > kernel or utilities. > > Moving waaay forward. I asked the Debian kernel team to > consider compiling in SELinux (perhaps disabled by default, for > starters), and was told that that is not going to fly because of > "significant performance hit" one takes by compiling SELinux in. I > did not have any data to refute the claim, so that is where we sit. i had a bun-fight with the people who have taken over from herbert: at the point where i told them that recompiling applications to be optimised like yoper and gentoo distributions gives back performance far in excess of that lost by selinux, i stopped hearing back from them. > While a laudable long term goal, the reality is that most > distributions do not ship these utilities today, and in the case of > Debian, progress, while it is happening, is slow enough that > pragmatism requires we consider the reality that SELinux shall _not_ > be the default in the near term. default: no. available as an additional package: why not? heck, personally i wouldn't even care if it was i386 or 686 only. l. -- -- you don't have to BE MAD \| this space \| my brother wanted to join mensa, to work, but IT HELPS \| for rent \| for an ego trip - and get kicked you feel better! I AM \| can pay cash \| out for a even bigger one. -- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Thu 4 Nov 2004 - 08:05:26 EST This message: [ Message body ] Next message: Daniel J Walsh: "Re: Patch to make can_network stronger and remove nscd tunable." Previous message: Manoj Srivastava: "Re: selinux-doc problems" In reply to: Manoj Srivastava: "Re: Updated SELinux Release" Next in thread: Colin Walters: "Re: Updated SELinux Release" Reply: Colin Walters: "Re: Updated SELinux Release" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom