[redhat-lspp] lspp 30 kernel released
Paul Moore
paul.moore at hp.com
Tue May 30 19:51:36 UTC 2006
Steve Grubb wrote:
> On Tuesday 30 May 2006 15:38, Paul Moore wrote:
>>When NetLabel is enabled all unlabeled packets get the unlabeled SID which
>>may cause problems with the policy as it is currently written, I'm not sure
>>(but it sounds like it from what you just said).
>
> So, how does one achieve backward compatibility? This is the normal setup that
> Fedora users would have.
>
You update the policy at the same time you update the kernel to include
NetLabel.
Right now I am focusing on the kernel code because that needs to be done
first and there is still work to be done. Also, I suspect there is
still bound to be some debate as to how exactly we reconcile all of
these network access controls into SELinux and that could have an affect
on this as well (I tried to start a discussion on this but no one on
the SELinux list seemed interested in talking about it).
--
paul moore
linux security @ hp
More information about the redhat-lspp
mailing list