On Thu, 04 Nov 2004 23:06:06 -0500, Colin Walters <[EMAIL PROTECTED]> said:
> On Thu, 2004-11-04 at 13:15 +0000, Luke Kenneth Casson Leighton wrote:
>> default: no.
>
> Why not on by default, with a targeted policy, for everyone?
> SELinux's flexibility allows one to easily turn it off for specific
> services. There's a lot of value in preventing a compromised or
> misconfigured syslogd or portmap daemon from destroying your system.
> Not to mention Apache; with the stronger version of can_network, the
> Slapper worm would have been stopped in its tracks (no outbound port
> 80 access). Additionally, I'm working on securing some high-risk
> software using the targeted policy; something that would be
> difficult to impossible to do without SELinux.
>
> The entire point of SELinux is to bring strong, flexible mandatory
> access control to a mainstream operating system (Linux). If it's
> not enabled by default, and limited to the few of us on this mailing
> list, what's the point? Why don't we just run say EROS
> (http://www.eros-os.org/) instead? A: Because what makes SELinux
> interesting is that it can run all of our legacy software. By not
> shipping it on everywhere, we're not tapping that ability.

This is all very nice, but I think we need to take an evolutionary
change to reach that goal. The first step, far more palatable than
forcing SELinux (even with just a targeted policy) is to get SELinux
in the default kernels, disabled by default at boot time.

manoj
--
Harp not on that string. William Shakespeare, "Henry VI"
Manoj Srivastava <[EMAIL PROTECTED]> <http://www.debian.org/%7Esrivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C