Re: http://www.golden-gryphon.com/software/security/selinux.xhtml

Thu, 09 Jun 2005 21:35:03 -0700 

On Fri, 10 Jun 2005 00:20:31 +0100, Luke Kenneth Casson Leighton <[EMAIL 
PROTECTED]> said: 

> On Thu, Jun 09, 2005 at 11:42:00PM +0100, antoine wrote:
>> On Thu, 2005-06-09 at 20:20 +0100, Luke Kenneth Casson Leighton wrote:
>> > manoj, hi,
>> > 
>> > i am delighted to see the above web page re: selinux.
>> Err?

>  never seen it before :)

>> > 
>> > i notice you mention that there is an effort underway to make a
>> > uml-selinux.
>> > 
>> > perhaps i should mention that it is utterly trivial to set up a
>> > xen system with a guest domain running pretty much any kind of
>> > kernel - including selinux enabled ones.

>> We have been running selinux guest kernels in uml for years, that
>> was

>  _great_.

>  hm - the above page gives the impression that it hasn't been:

>         "There also has been an interest in creating an
>                                             ^^^^^^^^
>         SELinux UML, since it allows for rapid testing of policies,
>         and packages, and to observe the reaction of the machine to
>         threats and other stimuli. However, it has been tedious,
>         traditionally, to create a UML that can be run in enforcing
>         mode. A recipe for doing so has been created..."

------------------^^^^^^

  Recipe \Rec"i*pe\ (r[e^]s"[i^]*p[-e]), n.; pl. {Recipes}
     (r[e^]s"[i^]*p[=e]z). [L., imperative of recipere to take
     back, take in, receive. See {Receive}.]

     4. a method or procedure for accomplishing a goal by defined
        steps; -- implying a high probability of achieving the
        goal; as, a recipe for success. Also used in a negative
        sense, as, a recipe for disaster.

>> not the issue here,

>> or are you just doing xen advocacy?

>  i was under the impression, from the above, that somehow debian
>  cannot run selinux/uml.

        If it were not possible to do so, a recipe could also not have
 been created.


>  hm.  sorry about that - the above URL gives an impression other
>  than that.

        Onnly if you
  a) do not understand the meaning of the word recipe, and
  b) do not follow the link down to
     http://www.golden-gryphon.com/software/security/selinux-uml.xhtml


        manoj
-- 
Calling you stupid is an insult to stupid people! Wanda, "A Fish
Called Wanda"
Manoj Srivastava   <[EMAIL PROTECTED]>  <http://www.debian.org/%7Esrivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to