No more selinux-policy-*-sources
Dennis Jacobfeuerborn
d.jacobfeuerborn at conversis.de
Tue Mar 14 15:55:13 UTC 2006
Stephen Smalley wrote:
> On Tue, 2006-03-14 at 15:13 +0100, Arjan van de Ven wrote:
>>> Not an answer to your question but there's an interesting discussion on
>>> AppArmor and SELinux in Dan Walsh's blog:
>>>
>>> http://danwalsh.livejournal.com/424.html
>>
>> maybe it's time to accept that SELinux as technology is doomed. Not
>> because the code is bad, but because it's Just Too Complex(tm).
>> Complexity kills, and I think the time it is taking to get to the point
>> where at least less than 99% of the people turns selinux off first thing
>> is waay too long already.
>>
>> Maybe it's a matter of focus; sometimes I get the impression the focus
>> is to give more coverage rather than to get the existing coverage to the
>> point where people use it... but maybe the later is just so much work
>> and so time consuming that it takes more time to get it than it takes
>> the codebase to change again.
>
> No, there is quite a bit of ongoing work on improving useability for
> SELinux, including several new higher level tools that have been
> recently released.
[snip]
Where can I get more information about these tools?
Regards,
Dennis
More information about the fedora-devel-list
mailing list