Stephen Smalley wrote:
On Tue, 2006-03-14 at 15:13 +0100, Arjan van de Ven wrote:
Not an answer to your question but there's an interesting discussion on
AppArmor and SELinux in Dan Walsh's blog:
http://danwalsh.livejournal.com/424.html
maybe it's time to accept that SELinux as technology is doomed. Not
because the code is bad, but because it's Just Too Complex(tm).
Complexity kills, and I think the time it is taking to get to the point
where at least less than 99% of the people turns selinux off first thing
is waay too long already.
Maybe it's a matter of focus; sometimes I get the impression the focus
is to give more coverage rather than to get the existing coverage to the
point where people use it... but maybe the later is just so much work
and so time consuming that it takes more time to get it than it takes
the codebase to change again.
No, there is quite a bit of ongoing work on improving useability for
SELinux, including several new higher level tools that have been
recently released.
[snip]
Where can I get more information about these tools?
Regards,
Dennis
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
