On Mon, Jul 11, 2016 at 10:46 AM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: > I don't think we can/should add any more initial SIDs until we have > dynamic discovery support for them. At present, we'll have problems > with old kernel with new policy and with new kernel with old policy when > the number of initial SIDs changes. Seems like a reasonable policy to me. -- paul moore www.paul-moore.com _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
