Re: did libselinux grow a new build dependency? (openssl-devel: openssl.h)

Stephen Smalley wrote: On 10/20/2015 09:42 AM, Joshua Brindle wrote: Stephen Smalley wrote: Wondering if dependency on openssl might be a license issue for Debian or others. Apparently openssl license is considered GPL-incompatible [1] [2], and obviously libselinux is linked by a variety of

Re: did libselinux grow a new build dependency? (openssl-devel: openssl.h)

On Oct 20, 2015 7:46 AM, "Stephen Smalley" wrote: > > On 10/20/2015 08:27 AM, Richard Haines wrote: >> >> >> >> >> >>> On Monday, 19 October 2015, 19:10, Stephen Smalley wrote: On 10/18/2015 11:00 AM, Richard Haines wrote: > On

Re: did libselinux grow a new build dependency? (openssl-devel: openssl.h)

> On Monday, 19 October 2015, 19:10, Stephen Smalley wrote: > > On 10/18/2015 11:00 AM, Richard Haines wrote: >> >> >>> On Sunday, 18 October 2015, 15:07, Dominick Grift > wrote: >> -BEGIN PGP SIGNED MESSAGE- >>> Hash: SHA512

Re: did libselinux grow a new build dependency? (openssl-devel: openssl.h)

On Tuesday, 20 October 2015, 15:00, William Roberts wrote: > > > >On Oct 20, 2015 7:46 AM, "Stephen Smalley" wrote: >> >> On 10/20/2015 08:27 AM, Richard Haines wrote: >>> >>> >>> >>> >>> On Monday, 19 October 2015, 19:10, Stephen Smalley

Re: did libselinux grow a new build dependency? (openssl-devel: openssl.h)

On Tue, Oct 20, 2015 at 09:56:57AM -0400, Joshua Brindle wrote: > Stephen Smalley wrote: > > On 10/20/2015 09:42 AM, Joshua Brindle wrote: > >> Stephen Smalley wrote: > >> > >>> > >>> Wondering if dependency on openssl might be a license issue for Debian > >>> or others. Apparently openssl

Static analysis to assist policy creation?

Hello SELinux list, We’ve been thinking about creating a static (or potentially concolic) analysis and testing infrastructure that would assist in the creation of finer grained SELinux policies than audit2allow. We think that some work can be done through alias analysis and domain specific

Re: [RFC PATCH v3 2/5] lsm: introduce hooks for kdbus

On Mon, Oct 19, 2015 at 6:29 PM, Paul Moore wrote: > On Friday, October 09, 2015 10:56:12 AM Stephen Smalley wrote: >> On 10/07/2015 07:08 PM, Paul Moore wrote: >> > diff --git a/ipc/kdbus/connection.c b/ipc/kdbus/connection.c >> > index ef63d65..1cb87b3 100644 >> > ---

Re: did libselinux grow a new build dependency? (openssl-devel: openssl.h)

FYI you can take just 1 C and H file from crypt lib. You don't need it all. On Oct 20, 2015 8:42 AM, "Richard Haines" wrote: > > On Tuesday, 20 October 2015, 15:00, William Roberts < > bill.c.robe...@gmail.com> wrote: > > > > > > > > >On Oct 20, 2015 7:46 AM,

Re: Static analysis to assist policy creation?

On Tue, Oct 20, 2015 at 01:17:27PM -0400, Andrew Ruef wrote: > Hello SELinux list, > > We’ve been thinking about creating a static (or potentially concolic) > analysis and testing infrastructure that would assist in the creation of > finer grained SELinux policies than audit2allow. We think

Re: did libselinux grow a new build dependency? (openssl-devel: openssl.h)

On 10/20/2015 09:42 AM, Joshua Brindle wrote: Stephen Smalley wrote: Wondering if dependency on openssl might be a license issue for Debian or others. Apparently openssl license is considered GPL-incompatible [1] [2], and obviously libselinux is linked by a variety of GPL-licensed programs.

Re: did libselinux grow a new build dependency? (openssl-devel: openssl.h)

Stephen Smalley wrote: Wondering if dependency on openssl might be a license issue for Debian or others. Apparently openssl license is considered GPL-incompatible [1] [2], and obviously libselinux is linked by a variety of GPL-licensed programs. Fedora seems to view this as falling under the

Re: did libselinux grow a new build dependency? (openssl-devel: openssl.h)

On 10/20/2015 08:27 AM, Richard Haines wrote: On Monday, 19 October 2015, 19:10, Stephen Smalley wrote: On 10/18/2015 11:00 AM, Richard Haines wrote: On Sunday, 18 October 2015, 15:07, Dominick Grift wrote: -BEGIN PGP SIGNED