On Fri, 2017-01-20 at 19:48 -0700, Orion Poplawski wrote: > On 01/20/2017 05:18 PM, Adam Williamson wrote: > > On Sat, 2017-01-21 at 01:13 +0100, Kevin Kofler wrote: > > > Only the NSA can think that > > > duplicating knowledge about ALL programs in the distribution in a single > > > central database (single point of failure) can ever scale. > > > > By the way, this isn't true at all. Most packages can and, these days, > > are encouraged to ship their own SELinux policies. In Fedora currently, > > I see: > > > > copr-selinux > > cockpit-selinux > > drraw-selinux > > gcl-selinux > > websvn-selinux > > totpcgi-selinux > > vfrnav-selinux > > dist-git-selinux > > > > etc, etc, etc. > > > > Really? This is news to me (and I'm on the FPC). > > I see these drafts: > https://fedoraproject.org/wiki/PackagingDrafts/SELinux > https://fedoraproject.org/wiki/SELinux_Policy_Modules_Packaging_Draft > > but that's it. Well, I dunno about policy. I was just talking about what I've heard from SELinux maintainers. Last few times I've asked about getting policy extended to cover new things, the suggestion was just to include a policy with the thing. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
