1 |
On Mon, 2004-08-23 at 14:13, BarrySchwartz124@×××××××.net wrote: |
2 |
> Calum <gentoo-security@××××××××××××.uk> wrote: |
3 |
> > But as a general feeling, do people feel that SELinux will become the |
4 |
> > hardening method of choice? I.e. If I have to make a choice and commit now, |
5 |
> > shall I stick with GRSec, or start looking at SE? |
6 |
> |
7 |
> SELinux is only a mandatory access control system, so I wouldn't treat |
8 |
> that as a matter of "this or that." If you wanted SELinux, I'd think |
9 |
> you'd want grsec as well, using SELinux in place of grsec's RBAC |
10 |
> system. |
11 |
|
12 |
|
13 |
> I wonder if anyone has experience using grsecurity and |
14 |
> SELinux together. |
15 |
|
16 |
Yes.. people are doing it all the time, and it's appears to be fairly |
17 |
safe to do so assuming you don't try to enable grsec's rbac system while |
18 |
your in selinux enforcing mode. |
19 |
|
20 |
-- |
21 |
Ned Ludd <solar@g.o> |
22 |
Gentoo (hardened,security,infrastructure,embedded,toolchain) Developer |