Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Gentoo Hardened (http://www.linux-archive.org/gentoo-hardened/)
-   -   New selinux "feature" profile (http://www.linux-archive.org/gentoo-hardened/527158-new-selinux-feature-profile.html)

"Anthony G. Basile" 05-17-2011 02:00 AM
New selinux "feature" profile
 
Hi everyone,

Tomorrow I'll be adding a new selinux "feature" profile to the tree.
The idea behind this is like other features, it can be stacked on top of
other profiles and add a feature to that profile, in this case make it
selinux aware.

We've already done preliminary testing and found that it "works" for
hardened/linux/amd64, hardened/linux/amd64/no-multilib,
hardened/linux/x86, as well as some vanilla profiles. Works here means
"not without some kinks."

You'll see one or two new profiles appear. On amd64, you'll get two new
profiles:

hardened/linux/amd64/selinux
hardened/linux/amd64/no-multilib/selinux

and on x86 you'll get

hardened/linux/x86/selinux

As the name suggests, these will stack selinux on top of their
respective hardened profile.

You are free to test these, but remember they'll be marked "dev" and not
"stable". Also these do NOT replace the current selinux profiles
selinux/v2refpolicy/*. In time, they be obsolete them, but for the time
being, the new feature profile is experimental.

--
Anthony G. Basile, Ph.D.
Gentoo Linux Developer [Hardened]
E-Mail : blueness@gentoo.org
GnuPG FP : 8040 5A4D 8709 21B1 1A88 33CE 979C AF40 D045 5535
GnuPG ID : D0455535


All times are GMT. The time now is 01:46 PM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.