Subject: Re: SE Linux vs SE NetBSD !!
To: Andrew Reilly <andrew-netbsd@areilly.bpc-users.org>
From: Robert Watson <rwatson@FreeBSD.org>
List: tech-security
Date: 08/31/2006 06:36:30

On Tue, 29 Aug 2006, Andrew Reilly wrote:

> On Fri, Aug 25, 2006 at 03:56:00PM -0500, Travis H. wrote:
>> That's okay, if there's sufficient number of people to write those 
>> policies.  Similarly, 99% of the Unix user population can't write solid 
>> kernel code, for example a device driver.  That's okay because we can copy 
>> bits for zero marginal cost from the people who can for the people who 
>> can't.
>
> This is getting to the heart of the bit that I don't understand about this 
> whole area (SE-Foo, etc).  Please pardon the intrusion of a know-nothing...
>
> How can someone else write my security policy for me?  How can there be just 
> one such, and application-based?  Isn't the point of policy that it's up to 
> me?  If it's just a documentation of the capabilities of the application, 
> then what does it offer over and above the application itself?
>
> What sort of applications are we talking about?  Presumably not /bin/sh or 
> /usr/pkg/bin/perl: those have rather a lot of potential behaviours.

Most of the shipped policies in recent RedHat releases are what they call 
"targeted" policies.  They narrowly constrain specific applications with 
well-defined functionality and behavior.  For example, they constrain BIND, 
Sendmail, etc.

Robert N M Watson
Computer Laboratory
University of Cambridge