| 1 |
On Mon, 2004-08-23 at 14:13, BarrySchwartz124@×××××××.net wrote: |
| 2 |
> Calum <gentoo-security@××××××××××××.uk> wrote: |
| 3 |
> > But as a general feeling, do people feel that SELinux will become the |
| 4 |
> > hardening method of choice? I.e. If I have to make a choice and commit now, |
| 5 |
> > shall I stick with GRSec, or start looking at SE? |
| 6 |
> |
| 7 |
> SELinux is only a mandatory access control system, so I wouldn't treat |
| 8 |
> that as a matter of "this or that." If you wanted SELinux, I'd think |
| 9 |
> you'd want grsec as well, using SELinux in place of grsec's RBAC |
| 10 |
> system. |
| 11 |
|
| 12 |
|
| 13 |
> I wonder if anyone has experience using grsecurity and |
| 14 |
> SELinux together. |
| 15 |
|
| 16 |
Yes.. people are doing it all the time, and it's appears to be fairly |
| 17 |
safe to do so assuming you don't try to enable grsec's rbac system while |
| 18 |
your in selinux enforcing mode. |
| 19 |
|
| 20 |
-- |
| 21 |
Ned Ludd <solar@g.o> |
| 22 |
Gentoo (hardened,security,infrastructure,embedded,toolchain) Developer |
Archives