On Friday 31 December 2004 09:43, Mike Hearn <mike@xxxxxxx> wrote: > It also doesn't help that Fedora have patched upstream SElinux extensively > in the process of actually making it usable, for instance they've made a > lot of stuff more automatic. I believe these patches are being folded back > in upstream, but the problem with doing it "upside down" like this is > that the official docs which most people find first do not correspond to > an actual FC3 installation, which is what most people are actually playing > with SELinux on. > > I do not know why these patches weren't developed upstream then pulled > down as they became ready. I guess there are good reasons. The patches are developed by the people who have the time and skills necessary. Some of those people are Red Hat employees (including me). Code that is developed by Red Hat employees generally goes into Red Hat first before going upstream. But that isn't the reason that the documentation lags behind development. The reason is that a lot of work is being done on developing the code and policy, but little time is available for documentation. I think that things are improving in this regard, but there is a lot of documentation work to be done. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
