On Mon, 10 Mar 2003 22:54, Chris Wright wrote: > I wouldn't classify SELinux[1] as just a research project. There is a > debian project that helps provide some basic policy definitions to help > secure a production type system[2]. The aim of my Debian work is not to produce policy. I just ended up writing lots of policy because it needed to be done and no-one else was doing it. The aim is to have a set of Debian packages for all SE Linux functionality, so that you can get full SE functionality by just installing Debian packages with a minimum of effort. Also I've spent a lot of time working on upgrades of live systems. Upgrading a SE Debian system is a lot easier than upgrading most OSs that don't have any special security (I have some SE machines that I upgrade every day). > lot of sample setups[4]. Openwall and Capabilities provide limited > protection, and require the least user/admin configuration (read: none). > They provide a nice complement to a fuller-featured MAC system. What is the ETA on getting LSM module stacking to fully work? Last time I checked most OpenWall functionality did not operate when stacked with SE Linux. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Mar 10 2003 - 14:05:58 PST