On Mon, 24 Sep 2007 22:16:02 -0500, Mumia W <[EMAIL PROTECTED]> said:
> On 09/24/2007 07:52 PM, Miles Bader wrote:
>> Mike McCarty <[EMAIL PROTECTED]> writes:
>>>> even 708 old hardware seems to be running it fine for me.
>>> My objection is to having on my machine at all.
>>
>> I object to having python and tcl on my machine.
>>
>> -Miles
>>
> Your Debian machine is probably not dependent upon tcl, but Debian has
> been dependent upon python for a long time.
> However, the dependency upon SElinux is more recent. There may be time
> to remove it before it becomes too entrenched and before its tentacles
> probe too deeply into Debian.
I think it has gone as deep as it is likely to go, and it is now
a matter of polishing up the security policy, and trying to set up an
install time option to allow people to boot into a secure node. All of
this was in place before we shipped Etch, so it is not all that recent.
> I hope it's not too late. I wish I'd educated myself about SELinux
> earlier, and I wish I could've participated in the discussions about
> SElinux in Debian. I believe that if more Debian users were aware of
> the radical nature of SElinux, its complexity and the number of core
> libraries and utilities that would have to be changed to accommodate
> it, SElinux's entry into Debian could have been averted.
I am afraid that this is rather late in the day; Etch shipped
fully SELinux capable, with all the patches that were needed already
in. We are in the phase where SELinux patches are migrating upstream;
PAM now comes built in with all the SELinux hooks required, for
instance, and coreutils has most of them.
> Now we are in the unfortunate position of having to convince the
> maintainer of SElinux to advocate for the removal of his baby from his
> O/S. :-(
I am willing to listen to reason.
manoj
--
Cole's Law: Thinly sliced cabbage.
Manoj Srivastava <[EMAIL PROTECTED]> <http://www.golden-gryphon.com/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
