| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20070821073710.GB7258@elf.ucw.cz> Date: Tue, 21 Aug 2007 09:37:10 +0200 From: Pavel Machek <pavel@....cz> To: Casey Schaufler <casey@...aufler-ca.com> Cc: Kyle Moffett <mrmacman_g4@....com>, linux-security-module@...r.kernel.org, LKML Kernel <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel Hi! > > Ergo the only > > people who should be writing security policy for deployment are those > > people who have studied and trained in the stuff. Those people are > > also known as "security professionals". > > If only security professionals can use the system you have failed > to provide a general purpose facility. It may have value in limited > circumstances but it is not for everybody. But that's okay. Maybe SElinux is not simple enough to use for everyone, but that does not mean you can't auto-generate policy from something else, "easy to understand". IOW smack may be great idea, but you written it in wrong language. You written it in C, while you should have written it in SELinux policy language (and your favourite scripting language as frontend). Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists