On Mon, 2005-05-09 at 11:32 -0400, Daniel J Walsh wrote: > The goal is to not change the fundamental securitylevel on > policy/kernel updates [ ... ] Any new booleans need to default to > true. Hmm, so if I understand correctly then it's actually very possible that updates/new distro versions will be shipped that deny things that were previously allowed by default, as long as there is a boolean to switch them off? That sounds like by default every time you upgrade, programs might break. There must be a better way to deal with this. > This is what booleans are for. Booleans are just an implementation mechanism, what is needed is some simple (end-user understandable) means for ISVs to communicate what permissions their software needs - possibly for old versions of their software that don't work with new policy. Usability-wise it's not OK to put: "This software requires that the SELinux 'foo', 'bar', 'xyz' booleans be set to false". This is asking too much of the user, especially as there should ideally be some easy way to apply more relaxed policy to an individual program if it can't cope with the system defaults. Booleans for individual programs is just too complicated. I suggested a level system because (I think) it's reasonable to expect end users to deal with statements like "This program cannot run with security level 3 or higher". Whereas it's not reasonable to expect people to be able to adjust things at a finer level of detail than that. thanks -mike -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
