[ubuntu-hardened] Re: selinux-policy-targeted (1:1.22-2) available

Lorenzo Hernández García-Hierro lorenzo at gnu.org
Sun Mar 27 07:04:46 CST 2005

El sáb, 26-03-2005 a las 20:41 -0500, Colin Walters escribió:
> Very cool, I'm excited about this.

We'll see how well it works.
If not, then blame at me ;)

> I assume you mean this:
> +        print "Do you want $file:" . substr($line, 6);
> +        print "Yes/No/Display [Y/n/d]? ";
> I suggest that you simply delete this code entirely, and install
> every .te file.  It's outdated for several reasons:
> 1) With the new dynamic boolean support, SELinux enforcement for a
>    particular daemon can be turned off at runtime, instead of
>    at policy build time.
> 2) The targeted policy is significantly smaller than the strict, so
>    there are no space/size concerns.  
> 3) It's always been annoying as hell :)

Done, I'm doing some improvements for the -3 revision.

Now I need to do other stuff, I'll upload the new package later.

Cheers and thanks for the help ;),
Lorenzo Hernández García-Hierro <lorenzo at gnu.org> 
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20050327/cea9300d/attachment.pgp

More information about the ubuntu-hardened mailing list