begin quoting Martin B?hr as of Tue, Jul 26, 2005 at 09:47:30PM +0200: > On Tue, Jul 26, 2005 at 10:29:38AM -0700, Stewart Stremler wrote: > > Why should applications be aware of SE Linux? I don't like the idea of > > applications changing behavior to adapt to my security policies... they > > should complain with useful error messages when denied access to a resource, > > and degrade gracefully. > > how can an application give a useful errormessage if it is not aware of > SE Linux? any errormessage other than: "access to resource denied by > security policy" will likely be wrong or missleading and not really helpful.
How about "Access to resource $name denied with error code $errno" ? -Stewart "Some resource was not available for an undisclosed reason." Stremler
pgpZ1L2vl0sy5.pgp
Description: PGP signature
-- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
