* frm sdsat_private "08/06/01 09:43:14 -0400" | sed '1,$s/^/* /' * * * SELinux is concerned with application issues, and we've tried to * provide policy-flexible extended APIs in SELinux. Creating * a set of even more general APIs for LSM security modules would * be interesting, but probably needs to wait a little bit. * The last time I checked (which was some time I ago, I admit), your application changes still assumed that you were running SELinux (that's not bad, currently my application audit changes assume that you have a kernel with audit system calls implemented). But this will have to change. What I'm talking about is providing support for applications that is truely policy independent, forking applications is just as bad as forking the kernel. If its going to be useful it would have to work with Poligraph as well as LSM. We can talk more about this next week. * Stephen D. Smalley, NAI Labs * ssmalleyat_private richard. ----------------------------------------------------------------------- Richard Offer Technical Lead, Trust Technology, SGI "Specialization is for insects" _______________________________________________________________________ _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 15:23:41 PDT