Gentoo Archives: gentoo-hardened

From: Alex Brandt <alunduil@××××××××.com>
To: Sven Vermeulen <swift@g.o>, gentoo-hardened@l.g.o
Subject: [gentoo-hardened] SELinux Policy Development
Date: Tue, 11 Sep 2012 15:02:21
Message-Id: 8320115.NSRTS9nJh5@elijah.alunduil.com
1 Hey Sven,
2
3 I've been reading through your wonderful handbook,
4 http://www.gentoo.org/proj/en/hardened/selinux/selinux-
5 handbook.xml?part=2&chap=5
6 , about modifying the SELinux policy in Gentoo but was hoping you could
7 provide a little more specific advice about the how to write SELinux policies
8 for personal projects:
9
10 * What's the best way to store this? With the project or as a separate code
11 repository or as a contribution to upstream policies?
12 * Is writing live ebuilds for selinux policies recommended or frowned upon?
13 * Where should my policy live in the long run?
14 * Is there anything else that you can recommend for writing policies of this
15 kind?
16
17 Thanks for any advice or best practices you can share.
18
19 Regards,
20
21 --
22 Alex Brandt
23 Sales Engineer for Rackspace, RHCE
24 http://www.alunduil.com

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-hardened] SELinux Policy Development Sven Vermeulen <swift@g.o>