On Wed, 2007-07-18 at 20:46 -0700, Casey Schaufler wrote:
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Tue, 2007-07-17 at 19:59 -0700, Casey Schaufler wrote:
- Speaking of which, are you ok with your MAC model being overridden
by
all uid 0 processes? Or do you plan to
Quoting Stephen Smalley ([EMAIL PROTECTED]):
On Wed, 2007-07-18 at 20:46 -0700, Casey Schaufler wrote:
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Tue, 2007-07-17 at 19:59 -0700, Casey Schaufler wrote:
- Speaking of which, are you ok with your MAC model being
overridden
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Wed, 2007-07-18 at 20:46 -0700, Casey Schaufler wrote:
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Tue, 2007-07-17 at 19:59 -0700, Casey Schaufler wrote:
- Speaking of which, are you ok with your MAC model being
overridden by
On Tue, 2007-07-17 at 19:59 -0700, Casey Schaufler wrote:
- Speaking of which, are you ok with your MAC model being overridden by
all uid 0 processes? Or do you plan to change securebits and use file
caps?
I've been tracking the file caps closely. I like file capabilities,
but I have
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Tue, 2007-07-17 at 19:59 -0700, Casey Schaufler wrote:
- Speaking of which, are you ok with your MAC model being overridden by
all uid 0 processes? Or do you plan to change securebits and use file
caps?
I've been tracking the
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Tue, 2007-07-17 at 15:28 -0400, Stephen Smalley wrote:
On Mon, 2007-07-16 at 21:18 -0700, Casey Schaufler wrote:
Thank you for the valuable comments. I have incorporated a good number
in the updated patch: