On Sunday 16 January 2005 02:32, Sean Middleditch <elanthis@xxxxxxxxxxxxxxx> wrote: > On Sat, 2005-01-15 at 17:29 +0530, Rahul Sundaram wrote: > > > - SELinux Episode III: Revenge of the AVC > > > > how about gui integration with gnome by letting nautllus show security > > contexts and manipulate them using chcon, fixfiles etc as the backend. > > That sounds like a pretty bad idea in general, actually - the last thing > you need is for the state of your file contexts to ever get out of sync Launching fixfiles at the request of the user is certainly a bad idea. But allowing the user to use a GUI to see the context (equivalent of "ls -Z") and change the context (equivalent of "chcon") would be handy and not cause any security issues. Generally it's nice to allow people to perform all user actions through a GUI that they can do through the command-line. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
