Re: SELinux

To: [email protected]
Subject: Re: SELinux
From: Bernd Eckenfels <[email protected]>
Date: Thu, 22 Sep 2005 00:28:18 +0200
Message-id: <[🔎] [email protected]>
In-reply-to: <[🔎] [email protected]>

In article <[🔎] [email protected]> you wrote:
> For systems on insecure or restricted/classified networks, it's
> wonderful.  For 98% of us, it's too much complexity for not enough
> benefit over:
>        carefully chosen apps
>        turned-off unused daemons
>        a good h/w firewall
>        strong iptables rules.

Biba Low-Watermark is here pretty interesting, since it requires a bit less
setup. Linux supports that with Lomac. 

Looks like IBM is researching on some SELinux based hybrid models which they
call SLIM (with TPM hardware support):
http://www.acsac.org/2004/workshop/David-Safford.pdf

However looks like lomac is kind of postponed, since nobody is funding LSM
work. However it is part of FreeBSD current.
http://opensource.sparta.com/lomac/

Gruss
Bernd

Reply to:

References:
- Re: SELinux
  - From: Ron Johnson <[email protected]>

Prev by Date: ITP: ree -- Extract ROM extensions
Next by Date: Bug#329462: general: standard value $LANG="de_DE@euro" -> very tiny GTK1 font
Previous by thread: Re: SELinux
Next by thread: Re: SELinux
Index(es):
- Date
- Thread

	
		OSZAR »