* James Morris (jmorris@private) wrote: > On Wed, 25 May 2005, Stephen Smalley wrote: > > - using SELinux as the shared framework and directly integrating them > > into it so that they can leverage its policy abstractions as well and > > serve to reinforce the access controls rather than being redundant. > > Given that nobody has come up with an upstream alternative to SELinux > since the merging of LSM, this should certainly be considered. > > In fact, there has recently been some discussion about removing LSM > completely and just using SELinux directly. Yes, it was in the context of lack of meaningful in-tree modules. A context which is certainly important. However, there's enough activity in the area that dropping LSM would be a step backwards.
This archive was generated by hypermail 2.1.3 : Wed May 25 2005 - 21:46:50 PDT