[redhat-lspp] mls level to without classification
Joe Nall
joe at nall.com
Tue Aug 22 13:37:37 UTC 2006
On Aug 22, 2006, at 7:50 AM, Huneycutt, Doug wrote:
> Similar question ...
>
> Is there an accepted configuration/policy that allows a system to
> perform as an interface between a non-labeled environment and one or
> more labeled environments?
You can use secmark to label hosts by IP address. See http://
people.redhat.com/jmorris/selinux/secmark/
I hope secmark will make it into RH5, giving us a mechanism to label
individual hosts that don't support CIPSO or IPSec labeled networking.
joe
More information about the redhat-lspp
mailing list