--- Pavel Machek <[EMAIL PROTECTED]> wrote: > Hi! > > > > Ergo the only > > > people who should be writing security policy for deployment are those > > > people who have studied and trained in the stuff. Those people are > > > also known as "security professionals". > > > > If only security professionals can use the system you have failed > > to provide a general purpose facility. It may have value in limited > > circumstances but it is not for everybody. > > But that's okay. Maybe SElinux is not simple enough to use for > everyone, but that does not mean you can't auto-generate policy from > something else, "easy to understand". IOW smack may be great idea,
Thank you. > but you written it in wrong language. You > written it in C, while you should have written it in SELinux policy > language (and your favourite scripting language as frontend). I have often marvelled at the notion of a simplification layer. I believe that you build complex things on top of simple things, not the other way around. Casey Schaufler [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
