[redhat-lspp] Number of level & compartments
Stephen Smalley
sds at tycho.nsa.gov
Tue Sep 20 13:30:04 UTC 2005
On Tue, 2005-09-20 at 09:07 -0400, Steve Grubb wrote:
> I wonder if there should be checks that prevent configurations that hit that
> limit. I think its expected that the user get an error message while setting
> up the system, in addition to when using it.
Ideally, yes.
> Is this detectable at compile time or during policy load?
Not for the policy itself, but you could potentially apply a set of
checks based on the translation library configuration, which gives you a
more realistic notion of what category sets are likely in any given
security context.
--
Stephen Smalley
National Security Agency
More information about the redhat-lspp
mailing list