Mike Hearn wrote:
Oh, some other questions I should have asked:
* What are the binary compatibility guarantees for binary policy
modules? Is the format stable/will it be?
The format is versioned the same way the kernel binary format is, so any
changes to the format use a different version number, and backward
compatbility is retained.
* Are the .pp files cpu-architecture-neutral?
yes.
* Are they distribution neutral?
only as neutral as policies are, which isn't all that neutral right now.
Hopefully this will change when reference policy is used by everyone
and optional tunables are built in to the language.
* Any other things people distributing PP files with their software should
know?
you might look at this thread:
http://marc.theaimsgroup.com/?l=selinux&m=112871525005860&w=2
for more information. Particularly the justification for building
seperate packages for policy and the application.
thanks -mike
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
