Dne So 9. dubna 2011 00:02:20 Thomas S Hatch napsal(a):
> On Fri, Apr 8, 2011 at 3:55 PM, Allan McRae wrote:
> > Hmm... I thought it was a a patch. Was it declared unstable/unsupported
> > upstream then? There was something weird like that.
> >
> > Anyway, I still see nothing wrong with creati
On Sat, Apr 9, 2011 at 11:56 AM, Yaro Kasear wrote:
> On Saturday, April 09, 2011 12:54:23 Thomas S Hatch wrote:
> > On Sat, Apr 9, 2011 at 11:49 AM, Yaro Kasear wrote:
> > > On Saturday, April 09, 2011 12:01:04 Thomas S Hatch wrote:
> > > > On Sat, Apr 9, 2011 at 9:18 AM, Yaro Kasear
> wrote:
On Saturday, April 09, 2011 12:54:23 Thomas S Hatch wrote:
> On Sat, Apr 9, 2011 at 11:49 AM, Yaro Kasear wrote:
> > On Saturday, April 09, 2011 12:01:04 Thomas S Hatch wrote:
> > > On Sat, Apr 9, 2011 at 9:18 AM, Yaro Kasear
wrote:
> > > > On Friday, April 08, 2011 14:29:34 Heiko Baums wrote:
>
On Sat, Apr 9, 2011 at 11:49 AM, Yaro Kasear wrote:
> On Saturday, April 09, 2011 12:01:04 Thomas S Hatch wrote:
> > On Sat, Apr 9, 2011 at 9:18 AM, Yaro Kasear wrote:
> > > On Friday, April 08, 2011 14:29:34 Heiko Baums wrote:
> > > > Am Fri, 8 Apr 2011 10:55:16 -0600
> > > >
> > > > schrieb Th
On Saturday, April 09, 2011 12:01:04 Thomas S Hatch wrote:
> On Sat, Apr 9, 2011 at 9:18 AM, Yaro Kasear wrote:
> > On Friday, April 08, 2011 14:29:34 Heiko Baums wrote:
> > > Am Fri, 8 Apr 2011 10:55:16 -0600
> > >
> > > schrieb Thomas S Hatch :
> > > > Yaro makes many good points, I think that
On Sat, Apr 9, 2011 at 9:18 AM, Yaro Kasear wrote:
> On Friday, April 08, 2011 14:29:34 Heiko Baums wrote:
> > Am Fri, 8 Apr 2011 10:55:16 -0600
> >
> > schrieb Thomas S Hatch :
> > > Yaro makes many good points, I think that my recommendation would
> be
> > > to allow someone to maintain support
On Friday, April 08, 2011 14:29:34 Heiko Baums wrote:
> Am Fri, 8 Apr 2011 10:55:16 -0600
>
> schrieb Thomas S Hatch :
> > Yaro makes many good points, I think that my recommendation would
be
> > to allow someone to maintain support for SELinux in community. If
> > SELinux support is deemed somet
Yaro Kasear (2011-04-08 11:32):
>
> >
> > So in general what is the benefits / costs for SELinux?
> >
>
> Benefits: Probably the most effective MAC for Linux. Once it runs it's
> arguably not too hard to allow/deny certain access due to some third party
> tools simplifying things a bit. You c
On Sat, Apr 9, 2011 at 6:02 AM, Thomas S Hatch wrote:
> On Fri, Apr 8, 2011 at 3:55 PM, Allan McRae wrote:
>> Anyway, I still see nothing wrong with creating SELinux packages and having
>> them available in [community], although I would like to see a separate repo
>> at least for the start.
>>
>>
On Fri, Apr 8, 2011 at 3:55 PM, Allan McRae wrote:
> On 09/04/11 00:53, Grigorios Bouzakis wrote:
>
>> Allan McRae wrote:
>>
>>> On 09/04/11 00:24, Grigorios Bouzakis wrote:
>>>
Nicky726 wrote:
>
> If I may add more to this SELinux related thread, I would like to aply
> for
On 09/04/11 00:53, Grigorios Bouzakis wrote:
Allan McRae wrote:
On 09/04/11 00:24, Grigorios Bouzakis wrote:
Nicky726 wrote:
If I may add more to this SELinux related thread, I would like to aply for TU
and bring SELinux packages to community in the summer, to make using SELinux
easier.
I
On Fri, 2011-04-08 at 16:08 -0400, Jeremiah Dodds wrote:
> On Fri, Apr 8, 2011 at 3:29 PM, Heiko Baums wrote:
> >
> > I'd prefer a separate [selinux] repo. So that people know what they are
> > doing.
> >
> >
> +1 from a users perspective, the changes in a machine's setup from non-SE to
> SE are
On Fri, Apr 8, 2011 at 3:29 PM, Heiko Baums wrote:
>
> I'd prefer a separate [selinux] repo. So that people know what they are
> doing.
>
>
+1 from a users perspective, the changes in a machine's setup from non-SE to
SE are non-trivial to the point that a separate repo would make things much
easie
Am Fri, 8 Apr 2011 10:55:16 -0600
schrieb Thomas S Hatch :
> Yaro makes many good points, I think that my recommendation would be
> to allow someone to maintain support for SELinux in community. If
> SELinux support is deemed something that would be a good idea to move
> to core in the future than
On Fri, Apr 8, 2011 at 10:36 AM, Yaro Kasear wrote:
> On Friday, April 08, 2011 05:43:51 Kaiting Chen wrote:
> > On Fri, Apr 8, 2011 at 3:44 AM, Jelle van der Waa
> wrote:
> > > And on a side note, I don't like archlinux forcing users to use SELinux
> > > because users should have a choice to us
On Friday, April 08, 2011 05:43:51 Kaiting Chen wrote:
> On Fri, Apr 8, 2011 at 3:44 AM, Jelle van der Waa wrote:
> > And on a side note, I don't like archlinux forcing users to use SELinux
> > because users should have a choice to use any MAC software they want.
> > That's why AppArmor /Tomoyo ar
>
> So in general what is the benefits / costs for SELinux?
>
Benefits: Probably the most effective MAC for Linux. Once it runs it's
arguably not too hard to allow/deny certain access due to some third party
tools simplifying things a bit. You can't deny the NSA-grade security it
brings whic
On Fri, Apr 8, 2011 at 8:17 AM, Nicky726 wrote:
> Dne pátek 08 dubna 2011 12:43:51 Kaiting Chen napsal(a):
> > On Fri, Apr 8, 2011 at 3:44 AM, Jelle van der Waa
> wrote:
> > > And on a side note, I don't like archlinux forcing users to use SELinux
> > > because users should have a choice to use
Allan McRae wrote:
> On 09/04/11 00:24, Grigorios Bouzakis wrote:
>> Nicky726 wrote:
>>>
>>> If I may add more to this SELinux related thread, I would like to aply for
>>> TU
>>> and bring SELinux packages to community in the summer, to make using SELinux
>>> easier.
>>>
>>
>> I dont think thats
On 09/04/11 00:24, Grigorios Bouzakis wrote:
Nicky726 wrote:
If I may add more to this SELinux related thread, I would like to aply for TU
and bring SELinux packages to community in the summer, to make using SELinux
easier.
I dont think thats gonna work since you'll have to provide the same
Nicky726 wrote:
>
> If I may add more to this SELinux related thread, I would like to aply for TU
> and bring SELinux packages to community in the summer, to make using SELinux
> easier.
>
I dont think thats gonna work since you'll have to provide the same
packages as in [core] built differently
Dne pátek 08 dubna 2011 12:43:51 Kaiting Chen napsal(a):
> On Fri, Apr 8, 2011 at 3:44 AM, Jelle van der Waa wrote:
> > And on a side note, I don't like archlinux forcing users to use SELinux
> > because users should have a choice to use any MAC software they want.
> > That's why AppArmor /Tomoyo
On Fri, Apr 8, 2011 at 7:32 AM, Allan McRae wrote:
> In my opinion, SELinux would be better supported in a user provided repo.
> Work with the guy (whose name I can not remember...) who has done an
> awesome job getting this all done and into the AUR.
>
Okay I don't know a thing about SELinux b
On 08/04/11 20:43, Kaiting Chen wrote:
On Fri, Apr 8, 2011 at 3:44 AM, Jelle van der Waa wrote:
And on a side note, I don't like archlinux forcing users to use SELinux
because users should have a choice to use any MAC software they want.
That's why AppArmor /Tomoyo are nicer solutions cause th
On Fri, Apr 8, 2011 at 3:44 AM, Jelle van der Waa wrote:
> And on a side note, I don't like archlinux forcing users to use SELinux
> because users should have a choice to use any MAC software they want.
> That's why AppArmor /Tomoyo are nicer solutions cause they don't require
> recompiling of pa
On Friday 08 April 2011 09:44:14 Jelle van der Waa wrote:
> SELinux would maybe bring extra security too archlinux, but what I don't
> see in this thread is how much harder / more bugs it would make for
> developers/TU's to package if you use SELinux.
Good point.
> So in general what is the bene
On Thu, 2011-04-07 at 22:31 +0300, Grigorios Bouzakis wrote:
> Thomas S Hatch wrote:
> > On Thu, Apr 7, 2011 at 12:51 PM, Grigorios Bouzakis
> > wrote:
> >
> >> I guess you mean http://thread.gmane.org/gmane.linux.arch.general/32759
> >
> > Thanks for the link, I did not want to bring up SELinux
Thomas S Hatch wrote:
> On Thu, Apr 7, 2011 at 12:51 PM, Grigorios Bouzakis wrote:
>
>> I guess you mean http://thread.gmane.org/gmane.linux.arch.general/32759
>
> Thanks for the link, I did not want to bring up SELinux yet, because I will
> not be getting to it for a few months, but this will help
On Thu, Apr 7, 2011 at 12:51 PM, Grigorios Bouzakis wrote:
> Yaro Kasear wrote:
> > On Wednesday, April 06, 2011 18:13:04 Grigorios Bouzakis wrote:
> >> Thomas S Hatch wrote:
> >> >
> >> > Yes the systemd topic keeps popping up, right now we don't know
> >> > if certain upstream changes are going
Yaro Kasear wrote:
> On Wednesday, April 06, 2011 18:13:04 Grigorios Bouzakis wrote:
>> Thomas S Hatch wrote:
>> >
>> > Yes the systemd topic keeps popping up, right now we don't know
>> > if certain upstream changes are going to force Arch into using systemd
> or
>> > not.
>>
>> I dont think s
On Thursday 07 April 2011 18:08:39 Yaro Kasear wrote:
> Selinux is another unneeded thing, but even worse is that it practically
> requires a doctorate in computer science to manipulate. Can't deny its
> security, though. +1 to leaving it out of Arch, not that anyone's asking
> Arch to.
I don't
Am Thu, 7 Apr 2011 11:08:39 -0500
schrieb Yaro Kasear :
> Selinux is another unneeded thing, but even worse is that it
> practically requires a doctorate in computer science to manipulate.
> Can't deny its security, though. +1 to leaving it out of Arch, not
> that anyone's asking Arch to.
For peo
On Wednesday, April 06, 2011 18:13:04 Grigorios Bouzakis wrote:
> Thomas S Hatch wrote:
> > On Wed, Apr 6, 2011 at 4:16 PM, Grigorios Bouzakis
wrote:
> >> Thomas S Hatch wrote:
> >> > I am saving the "include SELINUX support in base for a latter date"
> >> >
> >> > my understanding though is tha
On Thu, Apr 7, 2011 at 2:08 AM, Thomas Bächler wrote:
> Am 07.04.2011 04:36, schrieb Thomas S Hatch:
> > I like to hear that Tom!
> > Unfortunately many people think that having SELinux compiled in means
> that
> > it is running, having SELinux compiled into the core utils and the kernel
> > but
On Thursday 07 April 2011 00:25:42 Thomas S Hatch wrote:
> As for adding SELinux support in base but keeping it turned off by default,
> +1
+1
--
Divan Santana
On Thursday 07 April 2011 00:25:42 Thomas S Hatch wrote:
> As for adding SELinux support in base but keeping it turned off by default,
> +1
+1
--
Divan Santana
On Wed, 6 Apr 2011 21:22:14 -0600
Thomas S Hatch wrote:
> I think that Arch would benefit from inducing SELinux as an option
> because it expands the venues available for Arch Linux systems, I
> also think that inclusion in base of SELinux requires a minimal
> amount of maintenance and SELinux is
Am 07.04.2011 04:36, schrieb Thomas S Hatch:
> I like to hear that Tom!
> Unfortunately many people think that having SELinux compiled in means that
> it is running, having SELinux compiled into the core utils and the kernel
> but leaving it turned off has 0 negative effect on the system.
If that
On Wed, Apr 6, 2011 at 9:01 PM, DrCR wrote:
> Could you guys elaborate on why you dislike selinux. I would
> appreciate it. Do you prefer AppArmor, or do you dislike that as well?
>
>
> On Wed, Apr 6, 2011 at 7:13 PM, Grigorios Bouzakis
> wrote:
> >> As for adding SELinux support in base but kee
Could you guys elaborate on why you dislike selinux. I would
appreciate it. Do you prefer AppArmor, or do you dislike that as well?
On Wed, Apr 6, 2011 at 7:13 PM, Grigorios Bouzakis wrote:
>> As for adding SELinux support in base but keeping it turned off by default,
>> +1
>
> Although this isn
On Wed, Apr 6, 2011 at 7:53 PM, Tom Gundersen wrote:
> On Thu, Apr 7, 2011 at 6:46 AM, Thomas S Hatch wrote:
> > On Wed, Apr 6, 2011 at 4:32 PM, Heiko Baums
> wrote:
> >
> >> Am Wed, 6 Apr 2011 16:25:42 -0600
> >> schrieb Thomas S Hatch :
> >>
> >> > As for adding SELinux support in base but ke
2011/4/6 Tom Gundersen :
> On Thu, Apr 7, 2011 at 6:46 AM, Thomas S Hatch wrote:
>> On Wed, Apr 6, 2011 at 4:32 PM, Heiko Baums wrote:
>>
>>> Am Wed, 6 Apr 2011 16:25:42 -0600
>>> schrieb Thomas S Hatch :
>>>
>>> > As for adding SELinux support in base but keeping it turned off by
>>> > default,
On Thu, Apr 7, 2011 at 6:46 AM, Thomas S Hatch wrote:
> On Wed, Apr 6, 2011 at 4:32 PM, Heiko Baums wrote:
>
>> Am Wed, 6 Apr 2011 16:25:42 -0600
>> schrieb Thomas S Hatch :
>>
>> > As for adding SELinux support in base but keeping it turned off by
>> > default, +1
>>
>> Then you mean adding it t
Thomas S Hatch wrote:
> On Wed, Apr 6, 2011 at 4:16 PM, Grigorios Bouzakis wrote:
>
>> Thomas S Hatch wrote:
>> >
>> > I am saving the "include SELINUX support in base for a latter date"
>> >
>> > my understanding though is that the stated position of Arch was "no
>> > systemd"
>>
>> s/was/is/g
>>
On Wed, Apr 6, 2011 at 4:32 PM, Heiko Baums wrote:
> Am Wed, 6 Apr 2011 16:25:42 -0600
> schrieb Thomas S Hatch :
>
> > As for adding SELinux support in base but keeping it turned off by
> > default, +1
>
> Then you mean adding it to [core]. (base) is supposed to be installed
> on every system. A
Am Wed, 6 Apr 2011 16:25:42 -0600
schrieb Thomas S Hatch :
> As for adding SELinux support in base but keeping it turned off by
> default, +1
Then you mean adding it to [core]. (base) is supposed to be installed
on every system. And SELinux is definitely not necessary for a minimal
base Linux ins
On Wed, Apr 6, 2011 at 4:16 PM, Grigorios Bouzakis wrote:
> Thomas S Hatch wrote:
> >
> > I am saving the "include SELINUX support in base for a latter date"
> >
> > my understanding though is that the stated position of Arch was "no
> > systemd"
>
> s/was/is/g
>
> That is also my understanding in
Thomas S Hatch wrote:
>
> I am saving the "include SELINUX support in base for a latter date"
>
> my understanding though is that the stated position of Arch was "no
> systemd"
s/was/is/g
That is also my understanding in regards to selinux. Although i am not
familiar with "stated positions" about
48 matches
Mail list logo
