On Wed, Apr 08, 2009 at 08:45:06PM +1000, James Morris wrote: > I don't know about TX, but it seems possible that someone might want to > make SELinux with an MLS policy interoperate with a different MLS platform > (note that this would not apply in the case of interop with purely legacy > systems, as they won't have NFSv4.x support). I have no idea how likely > this scenario is, and I wouldn't try to accommodate this goal in the > protocol unless a stakeholder could make a solid case for it.
Well, here at the IETF we do like to have interoperable protocols. We ought to at least try. > Note that we should expect interoperability between Solaris FMAC and > SELinux (i.e. the same security model implemented on different platforms, > like Unix DAC). OK.
