Subject: Re: The reason for securelevel
To: None <tech-kern@netbsd.org>
From: None <joerg@britannica.bec.de>
List: tech-kern
Date: 01/30/2006 11:20:56
On Sun, Jan 29, 2006 at 12:40:58PM +0200, Elad Efrat wrote:
> btw: can you identify one crucial problem with systrace and selinux?
With SELinux: adhoc-ruleset not backed by the implementation.
With systrace: inability to restrict access based on the location of a
file when you don't know the restriction in advance.
Beside, we had this discussion before, be careful when mixing unrelated
technologies and implementation details :-)
Joerg