Binary policy modules
Joshua Brindle
jbrindle at tresys.com
Wed Oct 12 19:37:35 UTC 2005
Mike Hearn wrote:
> Oh, some other questions I should have asked:
>
> * What are the binary compatibility guarantees for binary policy
> modules? Is the format stable/will it be?
>
The format is versioned the same way the kernel binary format is, so any
changes to the format use a different version number, and backward
compatbility is retained.
> * Are the .pp files cpu-architecture-neutral?
>
yes.
> * Are they distribution neutral?
>
only as neutral as policies are, which isn't all that neutral right now.
Hopefully this will change when reference policy is used by everyone
and optional tunables are built in to the language.
> * Any other things people distributing PP files with their software should
> know?
>
you might look at this thread:
http://marc.theaimsgroup.com/?l=selinux&m=112871525005860&w=2
for more information. Particularly the justification for building
seperate packages for policy and the application.
> thanks -mike
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
More information about the fedora-selinux-list
mailing list