On Thu, Jun 7, 2012 at 12:52 PM, Paul Moore <paul@xxxxxxxxxxxxxx> wrote: > On Thursday, June 07, 2012 12:08:31 PM Christopher J. PeBenito wrote: > I'm also curious if you are going to do anything about incorporating the > secmark configuration into the greater SELinux policy. As far as I'm > concerned, that is the only way I would consider ack'ing these patches (I did > mention this in the original thread). As soon as this series covers all paths I am willing to take it, even over Paul's larger objection. I don't think what Paul wants makes enough sense to warrant not allowing enforcement in the face of a mislabeled system. Sorry Paul. That doesn't mean I wouldn't be happy to see something along those lines, but I think allowing people to use and control the system the way we have it today trumps some potential work tomorrow. -Eric -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
