Re: [PATCH] selinux: new permission for chmod on suid or sgid files


On Fri, 2008-10-17 at 16:38 -0400, Eric Paris wrote:
> Anyway, I'm not arguing this is going to provide greater MAC confinement
> and I'm not able to describe security goals in terms of MAC domains.
> I'm merely stating that a SELinux confined admin is easily able to change
> DAC security policy as defined by an organization.

DAC by definition is subject to control by the user, not by the
organization.  

>   Yes, DAC security
> policy that I'm talking about is mathematically provable and that's the
> part that I'm sure you initially reject, but it doesn't make it
> pointless or even detractive.

It isn't about being provable but rather providing any actual security
benefit.

However, I'm open to the notion of controlling making additional
entrypoints to a user identity, as described in my response to Dan, but
I don't believe that this patch is the way to achieve that.

-- 
Stephen Smalley
National Security Agency

