Re: Revisit official SELinux support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Mon, Oct 28, 2013 at 7:39 PM, Karol Babioch <karol@xxxxxxxxxx> wrote:

> Hi,
>
> I'm wondering whether there was ever an actual discussion regarding the
> SELinux support within Arch. I could only find a bug report from
> September 2012 (see [1]), which was closed by Dave Reisner with kind of
> a lame comment: "A million times no.".
>
> After having dealt with SELinux on a couple of occasions I think that it
> is real security enhancement worth the initial hassle of setting it up
> properly (at least in a server environment).
>
> Looking into the support for SELinux in Arch I think it is way too messy
> to be actually used in practice (see [2]).
>
> I wouldn't go so far to suggest to enable SELinux by default as proposed
> in the bug report mentioned above, but I think it would actually make
> sense to support it - more or less - officially. I'm thinking about a
> model similar to the one implemented by Debian (see [3]). It basically
> comes down to installing some default policies and enabling SELinux by
> running a script.
>
> This would, however, require at least the stock kernel to have support
> for SELinux built-in by default. Are there any technical reasons for
> this not being the case already?
>
> I don't want this to become a discussion about the pros and cons of
> SELinux (on a desktop system) in general. I'm just wondering whether it
> would be feasible to implement "official" support for SELinux within
> Arch. So, if possible, please keep it technical.
>
> Best regards,
> Karol Babioch
>
> [1]: https://bugs.archlinux.org/task/31448
> [2]: https://wiki.archlinux.org/index.php/SELinux
> [3]: https://wiki.debian.org/SELinux/Setup
>
>
I sended request for the reopening of my bug report.

 جاك الفضة


[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux