Is anybody currently working on adding Mandatory Access Control to Tails? Any strong opinions regarding possible solutions?
See https://tails.boum.org/todo/Mandatory_Access_Control/ I would suggest to start with SELinux in "permissive" mode and incrementally adapt the policy so that in a later stage - when no "access denied" warnings occur while using Tails - "enforcing" mode can be switched on. The main effect of that change probably would be on the build process because the initial file labeling takes some time and requires a reboot. I have some experience with SELinux and Debian unstable which might help, but installing the relevant SELinux packages and enabling permissive mode is quite straightforward (at least in Debian unstable ;-). Cheers, Andreas _______________________________________________ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev