[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Keeping SELinux on (was Attention: Proprietary video driver users (ATI, Nvidia, etc.))




Application developers?  What has SELinux policy got to do with application
developers?
It has everything to do with application developers. The person that knows most about an application can write the best policy, which describes best what that application does, so that the application can work in a safe and controlled manner, without generating denials.
The targeted policy "focuses on locking down specific daemons, especially
ones vulnerable to attack or to devastating a system if broken or
compromised".  (From the SELinux FAQ on fedora.redhat.com.)

That's a tiny subset of applications.
Surely you've noticed how the number of those targets keep increasing with every release.
They're all migrating over from strict policy.

Anyway, the fact that it's a tiny subset of applications doesn't mean that it wouldn't be helpful to get developer review of the policy, and participation/patches.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]