public inbox for gentoo-hardened@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-hardened] Feedback on updated SELinux docs
@ 2014-05-25  8:13 S. Lockwood-Childs
  2014-05-26  7:02 ` Sven Vermeulen
  0 siblings, 1 reply; 3+ messages in thread
From: S. Lockwood-Childs @ 2014-05-25  8:13 UTC (permalink / raw
  To: gentoo-hardened

Overall, it looks really good. Kudos for a job well done.

I put in a couple of edits to try to improve a couple parts that seemed
a little hard to follow, but the main area for improvement I see is that
policy types are not discussed as a core concept. "Users and logins" mentions
targeted policy in the context of unconfined_u, but there's no preceding
section that could be linked in as a reference for more information.  
The "expert" section on policy store does mention the standard policy types, 
but it seems important enough topic that it deserves a mention in the
intro article (in particular, enough to guide user on choice between strict 
and targeted). 


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [gentoo-hardened] Feedback on updated SELinux docs
  2014-05-25  8:13 [gentoo-hardened] Feedback on updated SELinux docs S. Lockwood-Childs
@ 2014-05-26  7:02 ` Sven Vermeulen
  2014-05-26 20:17   ` S. Lockwood-Childs
  0 siblings, 1 reply; 3+ messages in thread
From: Sven Vermeulen @ 2014-05-26  7:02 UTC (permalink / raw
  To: gentoo-hardened

On Sun, May 25, 2014 at 01:13:58AM -0700, S. Lockwood-Childs wrote:
> Overall, it looks really good. Kudos for a job well done.
>
> I put in a couple of edits to try to improve a couple parts that seemed
> a little hard to follow, but the main area for improvement I see is that
> policy types are not discussed as a core concept. "Users and logins" mentions
> targeted policy in the context of unconfined_u, but there's no preceding
> section that could be linked in as a reference for more information. 
> The "expert" section on policy store does mention the standard policy types,
> but it seems important enough topic that it deserves a mention in the
> intro article (in particular, enough to guide user on choice between strict
> and targeted).

Hi

Thanks for the feedback and the edits.

I was hoping that policy stores were sufficiently documented in the
installation instructions [1] as most users will not need to switch types
afterwards.

[1]
https://wiki.gentoo.org/wiki/SELinux/Installation#Choosing_a_SELinux_policy_type

I am considering moving the policy document [2] to the user guides though. I
could enhance that document with more information about policy stores as
well without touching on the more in-depth feedback that is in the policy
store document [3]

[2] https://wiki.gentoo.org/wiki/SELinux/Policy
[3] https://wiki.gentoo.org/wiki/SELinux/Policy_store

Wkr,
	Sven Vermeulen


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [gentoo-hardened] Feedback on updated SELinux docs
  2014-05-26  7:02 ` Sven Vermeulen
@ 2014-05-26 20:17   ` S. Lockwood-Childs
  0 siblings, 0 replies; 3+ messages in thread
From: S. Lockwood-Childs @ 2014-05-26 20:17 UTC (permalink / raw
  To: gentoo-hardened

On Mon, May 26, 2014 at 07:02:10AM +0000, Sven Vermeulen wrote:
> On Sun, May 25, 2014 at 01:13:58AM -0700, S. Lockwood-Childs wrote:
> > Overall, it looks really good. Kudos for a job well done.
> >
> > I put in a couple of edits to try to improve a couple parts that seemed
> > a little hard to follow, but the main area for improvement I see is that
> > policy types are not discussed as a core concept. "Users and logins" mentions
> > targeted policy in the context of unconfined_u, but there's no preceding
> > section that could be linked in as a reference for more information. 
> > The "expert" section on policy store does mention the standard policy types,
> > but it seems important enough topic that it deserves a mention in the
> > intro article (in particular, enough to guide user on choice between strict
> > and targeted).
> 
> Hi
> 
> Thanks for the feedback and the edits.
> 
> I was hoping that policy stores were sufficiently documented in the
> installation instructions [1] as most users will not need to switch types
> afterwards.
> 
> [1]
> https://wiki.gentoo.org/wiki/SELinux/Installation#Choosing_a_SELinux_policy_type
> 
> I am considering moving the policy document [2] to the user guides though. I
> could enhance that document with more information about policy stores as
> well without touching on the more in-depth feedback that is in the policy
> store document [3]
> 
> [2] https://wiki.gentoo.org/wiki/SELinux/Policy
> [3] https://wiki.gentoo.org/wiki/SELinux/Policy_store

Sounds like a good idea to me. Policy belongs as a core concept for new
users, rather than just getting a mention during installation. The section 
under installation does look pretty clear, something like that would go well
in the to-be-transplanted Policy section.


^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2014-05-26 20:12 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-05-25  8:13 [gentoo-hardened] Feedback on updated SELinux docs S. Lockwood-Childs
2014-05-26  7:02 ` Sven Vermeulen
2014-05-26 20:17   ` S. Lockwood-Childs

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox