Re: Core 2 SELinux installation

[Matthew Miller <mattdm mattdm org>]

On Fri, Apr 30, 2004 at 12:14:08PM -0400, Stephen Smalley wrote:
> One thing to consider is that the "relaxed" policy may actually end up
> being more "secure" for the set of security goals it targets.  Perhaps a
> better term than "relaxed" would be "specialized" or "targeted".  Given
> a small focused set of security goals, you can more easily specify the
> policy and analyze it for exceptions.  In contrast, when you try to put
> every process in its own sandbox while supporting existing functionality
> (particularly functionality that isn't used to living in sandboxes), it
> becomes very difficult to analyze the resulting large, complex policy to
> see whether it meets your higher level goals (e.g. don't let apache
> subvert a trusted process).

This sounds like a very good approach, and is much less threatening to a
sysadmin with a large base of systems and users that are all basically
working fine now.


-- 
Matthew Miller           mattdm mattdm org        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>