From: "LiteStar numnums" <litestar@gmail.com>
To: "Fans of the OS Plan 9 from Bell Labs" <9fans@cse.psu.edu>
Subject: Re: Re: [9fans] if you're looking for some fun, check out selinux ...
Date: Tue, 18 Jul 2006 19:18:44 -0400 [thread overview]
Message-ID: <283f5df10607181618q47bff969tbef9476c325d9f14@mail.gmail.com> (raw)
In-Reply-To: <3e1162e60607181331x305a1b52od825beb247a4918b@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 2090 bytes --]
You all seem to forget that this is a merging of anal retentive technologies
from a US government bureacracy and the anarchy of 'Linux', which is not
really a single anything accept a tree with lots and lots of code. This is
the same US goverment (although not the same bureaucracy) that unleashed
NIEM (niem.gov) onto the world, XML with no less than NINE NAMESPACES, which
is supposed to be used for critical (read: things like 'Oh, the leavies may
have been breached') data...
On a lighter note, I've always been happy with TrustedBSD & TrustedSolaris,
or OpenVMS ;-)
On 7/18/06, David Leimbach <leimy2k@gmail.com> wrote:
>
> On 7/18/06, Ronald G Minnich <rminnich@lanl.gov> wrote:
> > David Leimbach wrote:
> >
> > > It (SELINUX) was easily turned off with a switch in a conf file, but
> > > it's such a pain in the ass, I don't know why it's in a "FC" style
> > > distribution at all.
> >
> > The bigger question, which I can't quite figure out yet, is does selinux
> > provide some magic dust that in turn provides a level of security not
> > attainable any other way (i.e. in something like Plan 9) ... or, is it a
> > set of hacks to cover for an obsolete way of doing things. I am tending
> > toward thinking the latter, now that I've worked with it a bit. Watch
> > the discussions on labeling files, it's interesting, because the label
> > namespace seems to be fragmenting already.
> >
> > ron
> >
>
> It's very clearly add-on technology to make up for something people
> felt was unmanageable in Unix. However do we really need both ACLs
> and SELINUX contexts? Do our files really need to have named hidden
> data to store this crap in?
>
> I've honestly not read any papers justifying the need for ACLs or
> SELINUX controls.
>
> I suddenly miss DOS.
>
> Dave
>
--
Lead thou me on, O Zeus, and Destiny,
To that goal long ago to me assigned.
I'll follow and not falter; if my will
Prove weak and craven, still I'll follow on.
-- Epictetus
He who enters his wife's dressing room is a philosopher or a fool. -- Balzac
[-- Attachment #2: Type: text/html, Size: 2566 bytes --]
next prev parent reply other threads:[~2006-07-18 23:18 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-07-18 19:01 Ronald G Minnich
2006-07-18 20:11 ` David Leimbach
2006-07-18 20:16 ` Ronald G Minnich
2006-07-18 20:31 ` David Leimbach
2006-07-18 23:18 ` LiteStar numnums [this message]
2006-07-19 0:29 ` David Leimbach
2006-07-19 0:34 ` LiteStar numnums
2006-07-19 1:21 ` Re: Re: [9fans] if you're looking for some fun, Brantley Coile
2006-07-19 1:36 ` LiteStar numnums
2006-07-19 2:37 ` Skip Tavakkolian
2006-07-19 4:37 ` cej
2006-07-19 15:50 ` LiteStar numnums
2006-07-18 20:21 ` [9fans] if you're looking for some fun, check out selinux jmk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=283f5df10607181618q47bff969tbef9476c325d9f14@mail.gmail.com \
--to=litestar@gmail.com \
--cc=9fans@cse.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).