Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRe: Where to specific the handling of unknown kernel classes and perms
From: Stephen Smalley <sds_at_tycho.nsa.gov>
Date: Thu, 03 May 2007 08:46:34 -0400
Hmm...actually, I would have argued that it should only be settable by checkpolicy/checkmodule, and always inherited from the base module in the link/expand case. That way we can always know what the kernel behavior is by looking at the base module, vs. having to separately look at semanage.conf. It is a tradeoff though in terms of analyzability vs. ease of customization. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Thu 3 May 2007 - 08:46:36 EDT |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |