[ubuntu-hardened] Re: selinux-policy-targeted (1:1.22-2) available
Lorenzo Hernández García-Hierro
lorenzo at gnu.org
Sun Mar 27 07:04:46 CST 2005
El sáb, 26-03-2005 a las 20:41 -0500, Colin Walters escribió:
> Very cool, I'm excited about this.
We'll see how well it works.
If not, then blame at me ;)
> I assume you mean this:
>
> + print "Do you want $file:" . substr($line, 6);
> + print "Yes/No/Display [Y/n/d]? ";
>
> I suggest that you simply delete this code entirely, and install
> every .te file. It's outdated for several reasons:
>
> 1) With the new dynamic boolean support, SELinux enforcement for a
> particular daemon can be turned off at runtime, instead of
> at policy build time.
> 2) The targeted policy is significantly smaller than the strict, so
> there are no space/size concerns.
> 3) It's always been annoying as hell :)
Done, I'm doing some improvements for the -3 revision.
Now I need to do other stuff, I'll upload the new package later.
Cheers and thanks for the help ;),
--
Lorenzo Hernández García-Hierro <lorenzo at gnu.org>
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20050327/cea9300d/attachment.pgp
More information about the ubuntu-hardened
mailing list