I must first admit that I am new to linux, I am not qualified to suggest a
feature, so please consider this a question.
IF its true that when SELinux is fully enabled the restrictions can cause
some problems when programs do things they are supposed to do but normally
don't, THEN I have an idea.
What if an intrusion detection system were to inform the SELinux server that
an intrusion is likely happening, which triggers a change from
non-enforcement mode to enforcement mode?
Would this "raise the shields" method be useful for situations where
enforcement mode just isnt right, or is this more of a fundamental
misunderstanding on my part of how SELinux works...?
I think in the future this NSA project will be an example of the government
receiving a 100 fold return on their investment, even considering that
SELinux isn't likely to be used in classified systems.
_________________________________________________________________
Check out Election 2004 for up-to-date election news, plus voter tools and
more! http://special.msn.com/msn/election2004.armx
