No more selinux-policy-*-sources

Daniel J Walsh dwalsh at redhat.com
Tue Mar 14 16:08:52 UTC 2006 

Arjan van de Ven wrote:
>> Not an answer to your question but there's an interesting discussion on 
>> AppArmor and SELinux in Dan Walsh's blog:
>>
>> http://danwalsh.livejournal.com/424.html
>>     
>
>
> maybe it's time to accept that SELinux as technology is doomed. Not
> because the code is bad, but because it's Just Too Complex(tm).
> Complexity kills, and I think the time it is taking to get to the point
> where at least less than 99% of the people turns selinux off first thing
> is waay too long already.
>
> Maybe it's a matter of focus; sometimes I get the impression the focus
> is to give more coverage rather than to get the existing coverage to the
> point where people use it... but maybe the later is just so much work
> and so time consuming that it takes more time to get it than it takes
> the codebase to change again.
>
>   
Arjan,

Nice to hear from you.   I think that SELinux is just getting to the 
point where it is ready for steady improvements
in usability.  I will admit that we are being pulled by multiple 
forces.  I feel as I stated in my Blog that there are three groups 
pulling at SELinux, System Administrators who just want to get the damn 
thing working.  Software Application Developers who are kicking the 
tires to see if SELinux could help them protect there applications and 
finally Security people who are focused on things like protecting 
information flow.   Perhaps in the past we have been focused too heavily 
on the last group.

With loadable modules we are at the point where we can start to address 
all three groups, and you see products emerging to handle all three.  
Are these products coming fast enough, I don't know.  Can we use help, yes.

Loadable modules are providing a framework for just getting the damn 
thing working, in RHEL 4 and FC4, you needed to install policy-sources 
in order to make small customizations to policy, in FC5 you can just 
create a small policy module to fix your problem. 

Loadable modules gives us the opportunity to allow third parties to ship 
there own policy, and for us to start to break up the policy from one 
big blob to the point where it is shipped with individual packages. 

I equate SELinux to the point when personal firewalls were first being 
introduced to each computer, everyone at that point just turned them 
off.  But eventually the technology got to the point where most people 
don't
realize they have a firewall running on there system.

Maybe we need a top ten list of things that I don't like about SELinux 
and then we can work to fix them.

Dan

More information about the fedora-devel-list mailing list