--- Stephen Smalley <sds@private> wrote: > Yes, but with SELinux, you have a chance at doing it > because you have > comprehensive controls and you can apply a tool like > apol to check > whether said process can ultimately reach a given > state. If you choose > to implement your own little security module from > scratch, you are much > less likely to hit the mark. Now that's an assertion I'd like to see you back up! Especially since you've already said that it's impossible to describe how you might create such a policy in SELinux. Casey Schaufler casey@schaufler-ca.com __________________________________ Do you Yahoo!? Yahoo! Small Business - Try our new Resources site http://smallbusiness.yahoo.com/resources/
This archive was generated by hypermail 2.1.3 : Wed May 25 2005 - 10:37:21 PDT