Re: SELinux Coloring book?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2013-11-13 at 11:13 -0600, Bruno Wolff III wrote:
> On Wed, Nov 13, 2013 at 17:10:43 +0000,
>    Tony Scully <tonyjscully@xxxxxxxxx> wrote:
> >That's excellent!
> 
> The mls case might have been overly simplified. It didn't cover writing, 
> where the dominance goes in the other direction. People might be incorrectly 
> left with the impression the top secret can do everything that secret 
> can do.
> --

I agree with you on the danger of oversimplification in generel with
regard to explaining SELinux

This is also why i find it sub-optimal to leave the two other default
security models out of the equation (RBAC/IBAC)

It is mentioned in the article that SELinux complements Linux security,
by briefly touching on IBAC one would clarify at least to some degree
how SELinux associates with Linux security

RBAC by itself is worth mentioning in my view, if only to have touched
on each security attribute in a security context tuple.

The idea of the illustrated article is nice, but the article is not
comprehensive.

Granted, there are constraints. You cannot simply publish a three page
article on a medium like this i suspect



--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux





[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux