On Apr 26, 2011, at 10:00 AM, Russell Jones wrote: >> That is neither a good or bad thing that its impossible to convert. > I'm not sure on what basis you conclude it's impossible, though you're likely > right. > > It is not a really, really bad thing, no, but it does mean that we can't make > use a load of work that's already been done in terms of profiling what > applications are supposed to do, which is a bit of a shame.
If you're interested, the essential ingredient is the kernel support, and (at least historically) Robert Watson and trusted BSD are the likely entry points to answering the issues specifically about what is "possible". There have been connection points between the various proposed security frameworks, and there has been work with SElinux on *BSD kernels (so I was told when I asked essentially the question you asked back in ~2005). But "possible" is not bloody likely, and there's a plethora of security schemes around, so many and so complex that I'm not at all sure that "SELinux" and "AppArmor" are anything other than "brands" rather than actual honest-to-gawd security engineering "product". And I'm still patiently waiting to see Lion "sandboxing" on my lappie ... 73 de Jeff
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ macports-dev mailing list [email protected] http://lists.macosforge.org/mailman/listinfo.cgi/macports-dev
