SELinux is going somewhere! I found, via the Gentoo Weekly Newsletter, an article about the future of SELinux. It's written by someone who's actually working on making SELinux have a future. The author believes that the single most important thing is that SELinux must become part of the system, not just an add-on. That means you, X! Fine grained control, 'trusted' and 'un-trusted' packages, less focus on policy (explained in the article), good fallback default policies, and a particularly Stremlerish sentiment:
"One of the most important things that SELinux can do is educate software developers and companies that their software is broken and how they can fix it. I allude to this in another blog article but this will be the most help to the most people. If most systems are running SELinux and users tell vendors that disabling it isn't an option that will force them to fix their software for the betterment of all of their users. I hope that this will be one of the most significant impacts SELinux can make on the entire industry for opensource applications, commercial applications and even internal applications." The Future of SELinux http://securityblog.org/brindle/2006/08/24/the-future-of-selinux-or-how-we-are-going-to-take-over-the-world/ -todd -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
