[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [redhat-lspp] Getting rid of multilevel objects

From: Casey Schaufler <casey schaufler-ca com>
To: Klaus Weidner <klaus atsec com>, Joe Nall <joe nall com>
Cc: lspp-list <redhat-lspp redhat com>, Chad Hanson <chanson TrustedCS com>
Subject: Re: [redhat-lspp] Getting rid of multilevel objects
Date: Wed, 5 Jul 2006 14:42:41 -0700 (PDT)


--- Klaus Weidner <klaus atsec com> wrote:

> This gets back to the original question - is there a
> real need in the
> SELinux MLS policy for regular users to access
> multilevel objects other
> than specific exceptions for trusted objects? It
> would simplify analysis
> to get rid of them.

Other than a small list of special cases,
/dev/null, /dev/zero, /dev/tty, ptys, etc,
there is no need for "multilevel objects".


Casey Schaufler
casey schaufler-ca com

References:
- Re: [redhat-lspp] Getting rid of multilevel objects
  - From: Klaus Weidner

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]