Mr Dash Four wrote:
Mr Dash Four wrote:
Pablo Neira Ayuso wrote:
On Tue, Mar 05, 2013 at 12:48:47PM +0000, Mr Dash Four wrote:
This patch is part of the userspace changes needed for the
"secmark" match
in iptables.
SELinux already provides the framework to define your network policy
based on the secmark. I don't see why we need this in iptables.
I am not sure what to make of your response above Pablo. The purpose
of the patch isn't to replace what SELinux already provides, but to
make full use of that security framework. Are you questioning the
purpose or usefulness of the patch in general? Elaborate please.
So?
Pablo, do you intend to address this or not?
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
