On Wed, 21 Mar 2018 11:07:20 +0100 Petr Lautrbach <plautrba@xxxxxxxxxx> wrote: > On Wed, Mar 21, 2018 at 10:11:11AM +0100, Lukas Prediger wrote: > > More specifically, I have users > > john | mcsuser_u | s0-s0:c122 > > jane | mcsuser_u | s0-s0:c123 > > > > with > > mcsuser_u | MLS/MCS Level: s0 | MLS/MCS Range: s0-s0:c0.c1023 | > > SELinux Roles: user_r > > MLS and MCS were originally intended for top-secret (TS/SCI) government work at the NSA. The MLS (Multi-Level Security) corresponds to the levels "s0-s15". These were supposed to represent various levels of government security classification, e.g. FOUO, Confidential, Secret, Top Secret. The MCS (Multi-Category Security) was intended for "Sensitive Compartmented Information" or "SCI". (Not my department -- I don't need to know -- that sort of thing.) MLS and MCS are not enabled or enforced in the "targeted policy" which is not intended for heavily targeted systems, but rather to target scarce open-source SELinux policy development resources at the hardest-hit and most vulnerable sub-systems. There has not been much interest in developing open source MLS/MCS policies for SELinux on end user systems. I'm glad to see someone is tinkering with it.
Attachment:
pgpRFB07CuBdx.pgp
Description: OpenPGP digital signature
_______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
