* [gentoo-hardened] New selinux "feature" profile
@ 2011-05-17 2:00 Anthony G. Basile
0 siblings, 0 replies; only message in thread
From: Anthony G. Basile @ 2011-05-17 2:00 UTC (permalink / raw
To: gentoo-hardened
Hi everyone,
Tomorrow I'll be adding a new selinux "feature" profile to the tree.
The idea behind this is like other features, it can be stacked on top of
other profiles and add a feature to that profile, in this case make it
selinux aware.
We've already done preliminary testing and found that it "works" for
hardened/linux/amd64, hardened/linux/amd64/no-multilib,
hardened/linux/x86, as well as some vanilla profiles. Works here means
"not without some kinks."
You'll see one or two new profiles appear. On amd64, you'll get two new
profiles:
hardened/linux/amd64/selinux
hardened/linux/amd64/no-multilib/selinux
and on x86 you'll get
hardened/linux/x86/selinux
As the name suggests, these will stack selinux on top of their
respective hardened profile.
You are free to test these, but remember they'll be marked "dev" and not
"stable". Also these do NOT replace the current selinux profiles
selinux/v2refpolicy/*. In time, they be obsolete them, but for the time
being, the new feature profile is experimental.
--
Anthony G. Basile, Ph.D.
Gentoo Linux Developer [Hardened]
E-Mail : blueness@gentoo.org
GnuPG FP : 8040 5A4D 8709 21B1 1A88 33CE 979C AF40 D045 5535
GnuPG ID : D0455535
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2011-05-17 2:02 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-05-17 2:00 [gentoo-hardened] New selinux "feature" profile Anthony G. Basile
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox