From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <3e1162e60607181729l663fc606jad5e25b169654028@mail.gmail.com> Date: Tue, 18 Jul 2006 17:29:16 -0700 From: "David Leimbach" To: "Fans of the OS Plan 9 from Bell Labs" <9fans@cse.psu.edu> Subject: Re: Re: Re: [9fans] if you're looking for some fun, check out selinux ... In-Reply-To: <283f5df10607181618q47bff969tbef9476c325d9f14@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <44BD2FF2.9050703@lanl.gov> <3e1162e60607181311j45ada14ax38591b706cb2c1bd@mail.gmail.com> <44BD4187.2090204@lanl.gov> <3e1162e60607181331x305a1b52od825beb247a4918b@mail.gmail.com> <283f5df10607181618q47bff969tbef9476c325d9f14@mail.gmail.com> Topicbox-Message-UUID: 8438d1f6-ead1-11e9-9d60-3106f5b1d025 I wonder when AdaOS will be done? :-) On 7/18/06, LiteStar numnums wrote: > You all seem to forget that this is a merging of anal retentive technologies > from a US government bureacracy and the anarchy of 'Linux', which is not > really a single anything accept a tree with lots and lots of code. This is > the same US goverment (although not the same bureaucracy) that unleashed > NIEM ( niem.gov) onto the world, XML with no less than NINE NAMESPACES, > which is supposed to be used for critical (read: things like 'Oh, the > leavies may have been breached') data... > On a lighter note, I've always been happy with TrustedBSD & TrustedSolaris, > or OpenVMS ;-) > > > On 7/18/06, David Leimbach wrote: > > On 7/18/06, Ronald G Minnich wrote: > > > David Leimbach wrote: > > > > > > > It (SELINUX) was easily turned off with a switch in a conf file, but > > > > it's such a pain in the ass, I don't know why it's in a "FC" style > > > > distribution at all. > > > > > > The bigger question, which I can't quite figure out yet, is does selinux > > > provide some magic dust that in turn provides a level of security not > > > attainable any other way (i.e. in something like Plan 9) ... or, is it a > > > set of hacks to cover for an obsolete way of doing things. I am tending > > > toward thinking the latter, now that I've worked with it a bit. Watch > > > the discussions on labeling files, it's interesting, because the label > > > namespace seems to be fragmenting already. > > > > > > ron > > > > > > > It's very clearly add-on technology to make up for something people > > felt was unmanageable in Unix. However do we really need both ACLs > > and SELINUX contexts? Do our files really need to have named hidden > > data to store this crap in? > > > > I've honestly not read any papers justifying the need for ACLs or > > SELINUX controls. > > > > I suddenly miss DOS. > > > > Dave > > > > > > -- > Lead thou me on, O Zeus, and Destiny, > To that goal long ago to me assigned. > I'll follow and not falter; if my will > Prove weak and craven, still I'll follow on. > -- Epictetus > > He who enters his wife's dressing room is a philosopher or a fool. -- Balzac