-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/01/2011 08:34 PM, solarflow99 wrote: > I was curious what opinion users here have for reference policy? Is it > worth using it to build modules? > My personal policy for my f14 system is based off of refpolicy (so is fedoras' selinux-policy though - it is refpolicy with a fedora-specific patch) However i decided to base my policy off of refpolicy as opposed to fedoras' selinux-policy for some reasons: 1. Fedora has more modules compiled into the base package, this makes fedora selinux-policy less modular. 2. Side effects of 1. is that some functionality does not work in fedoras" selinux-policy ( atleast not since last time i have checked ) But unless you are doing advanced user space confinement, you might not notice the latter issue. refpolicy works pretty well for my fedora 14 system, sure i have to modify it quite a bit, but nothing too difficult. So.. sure it is worth to build modules but it will require a bit work to make it work with fedora. > > > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk1tVEQACgkQMlxVo39jgT/1wgCgtQfFjnlSINoNQVni6tAypdxK togAoJLXLFu6vomZywR8Eec2MpSws72f =Bx0Z -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
