| 1 |
Hello |
| 2 |
|
| 3 |
I am trying to understand SELinux (and SELinux@Gentoo). I looked at |
| 4 |
"sec-policy/selinux-sudo-20070329" and it seems that this ebuild does not |
| 5 |
compile anything new. It just uses files from "Reference Policy" and builds |
| 6 |
from it module sudo.pp. |
| 7 |
|
| 8 |
The questions are: |
| 9 |
Why "sec-policy/selinux-base-policy" does not include policy rules for some |
| 10 |
programs/services (like sudo)? Why "sec-policy/selinux-base-policy" does not |
| 11 |
compile all of modules? |
| 12 |
|
| 13 |
It seems that base.pp from selinux-base-policy does not have many modules from |
| 14 |
reference policy. Some of them can be installed by different ebuild but some |
| 15 |
can't (it seems that base.pp does not contain e.g. logwatch policy rules). |
| 16 |
This is on purpose? |
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
-- |
| 21 |
Krzysztof Kozłowski |
| 22 |
http://www.kozik.net.pl |
| 23 |
|
| 24 |
|
| 25 |
-- |
| 26 |
gentoo-hardened@g.o mailing list |
Archives