Hi!
On Mon, May 08, 2006 at 07:26:54PM -0400, Ned Ludd wrote:
> > * How do I make a policy?
> > * Are there reference policies? In that case, where can I get them?
> > * How do I check a policy for correctness?
> > * Where can I find more documentation (I found more documentation on
> > the kernel side of things than on the access control)?
> Your questions would start a huge thread if we begun at this level
> without you doing some homework first.
Yeah. But I don't think it's bad idea. Problem with RBAC and grlearn is
what there no single place with comprehensive yet simple enough HOWTO's,
policy examples, etc.
> learning modes. It's quite intuitive to administer once you get the
> initial hang of it.
You right!!! After I try learning mode first time I found it very
intuitive... but after I've activated rules produced by "learning mode"
my system "hang" and I have to press RESET button. :)
So I delay learning how to use learning mode without locking my system
for better time. :(
So, if somebody will summarize all documentation sources you mention -
I'll be really happy.
P.S. I _had_ read both urls you mention, at least three times each, :)
and searched google/gmane too, but this was about year ago.
P.P.S. AFAIK SELinux has much more rich documentation and a lot of
predefined policy, but my intuition says what there something wrong
with SELinux and I prefer to use RBAC as soon as I found enough
documentation. (I don't used SELinux myself, so probably my intuition
feeling based mostly on articles/posts readed on GrSecurity-related sites
and some posts about SELinux in this maillist...)
--
WBR, Alex.
--
[email protected] mailing list