On 1 Mar 2011 at 18:28, Anthony G. Basile wrote:
> > in HVM mode
> > i386 should be fine, amd64 should be dead slow.
>
> In my experience, both are fine. I run hardened x86, hardened amd64 and
> hardened amd64 nomultilib as domU. The host is OpenSuse 11.3. I have
> both KERNEXEC and UDEREF on,
On 3/1/2011 6:22 PM, Anthony G. Basile wrote:
> On 03/01/2011 03:02 PM, pagee...@freemail.hu wrote:
>> On 28 Feb 2011 at 15:39, Daniel Reidy wrote:
>>
>>> On Sun, Feb 27, 2011 at 5:58 PM, wrote:
that's actually not the intended use of the PIC USE flag, we wanted it
originally
to e
Hi guys,
I've committed sec-policy/selinux-base-policy-2.20101213-r9 to the
hardened-development overlay. It has the following fixes since -r8:
- Allow Portage sandbox to ptrace (some package installs require this)
- Use xserver_domtrans instead of allowing siginh (cleaner policy)
- Fix issue that
ons 2011-03-02 klockan 10:28 +0200 skrev
pagee...@freemail.hu:
> On 1 Mar 2011 at 18:28, Anthony G. Basile wrote:
>
> > > in HVM mode
> > > i386 should be fine, amd64 should be dead slow.
> >
> > In my experience, both are fine. I run hardened x86, hardened amd64 and
> > hardened amd64 nomultili
Hi all
Currently, the SELinux FAQ is integrated in the SELinux handbook as a
dedicated chapter. I would like to suggest to separate the FAQ into its own
guide rather than keep it integrated.
The main reasons I see for this are
- it makes more sense for users when they are told to look for the FA
On 2 Mar 2011 at 22:10, Peter Hjalmarsson wrote:
> > > KVM is a different story, and I do see slowdown for amd64.
> >
> > this means that the slowdown is truly specific to some kvm/uderef
> > interaction,
> > not that i have an idea where to look still...
>
> Are you missing anything you need
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 03/02/2011 12:48 PM, Sven Vermeulen wrote:
> Hi guys,
>
> I've committed sec-policy/selinux-base-policy-2.20101213-r9 to the
> hardened-development overlay. It has the following fixes since -r8:
> - Allow Portage sandbox to ptrace (some package i
On 03/02/2011 03:28 AM, pagee...@freemail.hu wrote:
> On 1 Mar 2011 at 18:28, Anthony G. Basile wrote:
>
>>> in HVM mode
>>> i386 should be fine, amd64 should be dead slow.
>>
>> In my experience, both are fine. I run hardened x86, hardened amd64 and
>> hardened amd64 nomultilib as domU. The hos
2011/3/2 Sven Vermeulen :
> Hi all
>
> Currently, the SELinux FAQ is integrated in the SELinux handbook as a
> dedicated chapter. I would like to suggest to separate the FAQ into its own
> guide rather than keep it integrated.
>
> The main reasons I see for this are
>
> - it makes more sense for us
