from the secret journal of Buddha Buck ([EMAIL PROTECTED]): > >unless we have a policy against security, it should be fine. :) it's all > >gpl.
i posted that before i hit the download page. > >Security-enhanced Linux is not an attempt to correct any flaws that may > >currently exist in Linux. Instead, it is simply an example of how > >mandatory access controls that can confine the actions of any process, > >including a superuser process, can be added into Linux. The focus of this > >work has not been on system assurance or other security features such as > >security auditing, although these elements are also important for a secure > >system. > > In addition, while they provide 15 new or modified system utilities, they > also provide 36 new system-calls, and require a custom kernel to handle the > system. > > On their to-do list are the following items: > > >Port the kernel patches to the latest 2.2 kernel > >Port the kernel patches to the 2.4.0 kernel > >Port the utility patches to the latest versions of the base utilities > > so I'm not even sure we -could- apply their patches, even if we wanted to. > you have a point. but what about seperate packages for the modified ones, or even wrapper scripts like we do with dhcpd? that sounds somewhat ugly, adding quite a bit of bulk to the default install since even tar and procps get patched. -- jacob kuntz [EMAIL PROTECTED] underworld.net/~jake