>>But the proper behavior if policy cannot be loaded and the system is in >>enforcing mode is to halt. >From RBAC-987: FPT_RCV.1.1 After a failure or service discontinuity, the TSF shall enter a maintenance mode where the ability to return the TOE to a secure state is provided The phrasing "shall enter" seems to imply automatically to me. >Wouldnt it be better to continue booting by automatically setting >SELinux into permissive or disabled state while throwing out warnings at >bootup and in the logs? That might be OK if someone could select that failure policy, but that is not what we want in a secure environment. -Steve __________________________________ Start your day with Yahoo! - Make it your home page! http://www.yahoo.com/r/hs -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
