Nicolas Williams wrote:
> On Mon, Mar 30, 2009 at 08:07:02PM -0700, Casey Schaufler wrote:
>
>> Not to throw a puppy in the gears, but sophisticated handshaking and
>> negotiation protocols are not the answer. We had TSIG session management
>> for doing that and it is just not enough. How would you negotiate the
>> differences between two SELinux policies?
>>
>
> You don't. You either establish that they are the same (or that one or
> both peers are translating to a common policy) or that they are not. In
> the latter case you fail to communicate further. It seems quite
> reasonable to me to have a single policy for a site -- that seems doable
> for MLS, but for DTE it's more likely that there will be OS-specific
> parts of a site policy, and the potential need to map between existing
> OS-specific policies and something else seems daunting, at least at
> first glance, but I'm an optimist, so I think it must be doable :)
>

You only get common policy on a single system image. Oh, with MLS you can limit it to MLS hosts and unlabeled hosts, but you'll always have at least the two. Even with MLS you'll have machines that are disallowed each other's levels and/or categories. This situation had a major impact on the Smack design, where there is no interpretation of the label at all.

--
This message was distributed to subscribers of the selinux mailing list.