Subject: Re: SE Linux vs SE NetBSD !!
To: Travis H. <solinym@gmail.com>
From: Elad Efrat <elad@NetBSD.org>
List: tech-security
Date: 08/26/2006 01:31:26

Travis H. wrote:
> On 8/25/06, Elad Efrat <elad@netbsd.org> wrote:
>> That's a good point -- but do we have to write a policy for every
>> application users are interested in running?
> 
> No, but it would be nice!
> 
> Seriously, with the targeted policy in SELinux, they just write
> policies for daemons that listen on the network.  Everything run from
> the console or command line is run in an unrestricted context.

I'm sorry, but I think that for protecting only network daemons for
desktop users, implementing SELinux-like stuff is too much.

Not only am I sure that protecting these network services can be done
using other means (either policies implemented on top of kauth(9), or
Systrace, or exploit mitigation technologies, or ACLs), but I think
that this approach will introduce a false sense of security.

> Yes, they are developing them.  Fedora Core, in particular, walks you
> through a point-and-click configuration when you install.  The user
> doesn't have to write policies for virtually anything; I had to write
> one for fetchmail->postfix->procmail->nmh, but most people don't write
> any policy modules.  They are installed when you install the apps, and
> you rarely need to touch them.

I'm afraid it is, at this point, unclear to me what a normal user gets
from SELinux given a "default" installation -- comments above apply...

> Tresys is writing these tools

Isn't Tresys one of the many companies that base their income on
supporting SELinux configurations? :)

-e.

-- 
Elad Efrat