On Fri, 17 Apr 2015 13:50:26 +0200
Tobias Bengfort wrote:
> Hi,
>
> I recently updated my system to jessie. I noticed that some packages
> were gone, notably selinux-policy-default. As far as I understand they
> have no chance of coming back in because jessie is already frozen. So
> do I underst
On Wed, Sep 17 2008, Vincent Danjean wrote:
> Manoj Srivastava wrote:
>> I think we are have a low enough avc denial rates that
>> unconfined/permissive already provides value. We are pretty close to
>> achieving unconfined/enforcing fo Lenny, and with help from people I
>> think we can
Vincent Danjean wrote:
...
> But if selinux is installed by default on all system, then I really
> thing
> that a basic documentation for Debian administrators (I mean people
> managing machines with the Debian distribution on it, not admin of
> official Debian machines) MUST be provided.
+1
On Fri, 21 Mar 2008 19:48:40 +0100, Pierre THIERRY
<[EMAIL PROTECTED]> said:
> Is there available data about the overhead of enforcing various
> SELinux policies?
I do not have data, no, But I recall a talk at the SELinux
symposium a couple of years ago which pegged the overhead of a
On Fri, Mar 21, 2008 at 07:48:40PM +0100, Pierre THIERRY wrote:
> Is there available data about the overhead of enforcing various SELinux
> policies?
>
> Quantitatively,
> Pierre
Is this in comparison to 'having SELinux support' which is what I
understand was the case for Etch.
-k
--
| .''`. ==
http://home.tiscali.cz:8080/~cz210552/forkbomb.html
software that can be used to test your system.
2005/9/24, Arvind Autar <[EMAIL PROTECTED]>:
> Hello,
>
> Selinux is perhaps not there yet, but debian could give it a hand No
> third party hand if I may say so.
>
> However, how much of the time i
Hello,
Selinux is perhaps not there yet, but debian could give it a hand No
third party hand if I may say so.
However, how much of the time is it the software devolpers mistake
rather then SELinux's mistake?
Another different question, how does debian handle fork bomb
protection? Is this kernel
In article <[EMAIL PROTECTED]> you wrote:
> For systems on insecure or restricted/classified networks, it's
> wonderful. For 98% of us, it's too much complexity for not enough
> benefit over:
>carefully chosen apps
>turned-off unused daemons
>a good h/w firewall
>st
On Wed, 2005-09-21 at 16:49 -0300, Henrique de Moraes Holschuh wrote:
> On Wed, 21 Sep 2005, Arvind Autar wrote:
> > is no loss of functionality, why hasn't debian implented SELinux as
> > default?
>
> It is not that simple. We are doing it slowly.
To flesh that out some:
Fine-grain sec
Arvind Autar wrote:
Helllo,
I have been using debian for quite some time now, how ever I have
watched several distrobutions implentating so many great ideas, and I
have been wondering why such a robust distorbution as debian
GNU/Linux(*) hasn't done this. One of them is:
SELinux
If SELinux is
On Wed, 21 Sep 2005, Arvind Autar wrote:
> is no loss of functionality, why hasn't debian implented SELinux as
> default?
It is not that simple. We are doing it slowly.
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the L
Le mercredi 15 juin 2005 à 16:19 +0200, Aurelien Jarno a écrit :
I switch list though believe if an agreement is reached it should go to
d-d-a again.
> While I find it is a real improvement, it causes some problems with the
> GNU/kFreeBSD and GNU/Hurd ports as SElinux is Linux specific. The aim o
On Wed, Jun 15, 2005 at 04:19:42PM +0200, Aurelien Jarno wrote:
>
> * debian/rules
> Add the following lines:
> DEB_HOST_GNU_SYSTEM ?= $(shell dpkg-architecture
> -qDEB_HOST_GNU_SYSTEM)
> ifeq ($(DEB_HOST_GNU_SYSTEM),linux)
> selinux := --with-selinux
> endif
AFAIK with
On Wed, 2005-06-15 at 16:19 +0200, Aurelien Jarno wrote:
> If you have a package that depends on libselinux1-dev or if you intend
> to upload such a package, please find below the correct way(tm) to add
> SElinux support:
>
> * debian/control or debian/control.in (or even debian.control.in.in)
>
14 matches
Mail list logo
