On Saturday 29 March 2008 02:19, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: > That was a technology transition for SELinux, one that all the > distributions went through. All the distributions now use modular, > managed policy by default, and monolithic policy support remains for > legacy systems (e.g. RHEL4) and possibly for embedded systems since > modular, managed policy presently has a real cost to it (unlike the MLS > support). Nowadays it seems that a very common case of development for embedded systems (probably the most common case) is to use some sort of bigger system to do the development and then deploy on the small system. An example of this is the Familiar developers who built iPaQ machines with hard drives... Given the use of such a bigger system, which could even have a different CPU - AFAIK there are no CPU specific requirements in the policy build (or if they are then it's a bug) you could have a modular managed policy development process that results in copying the policy.N file to the destination machine. -- russell@xxxxxxxxxxxx http://etbe.coker.com.au/ My Blog http://www.coker.com.au/sponsorship.html Sponsoring Free Software development -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
