Amanda Lynn Rossmiller
sleepynyago at mchsi.com
Sat Jan 10 14:30:12 PST 2004
> It'd be best to make hints for both. So far the selinux patches for linux
> and coreutils dont work for LFS, they depend on other patches in the srpm
> made for redhat. Gentoo doesn't apear to have a selinux backport for
> coreutils-5.0, so now I'm looking for other selinux vendors to find patches
> that work, and figure out why the ones from the nsa don't work. I booted
> RSBAC yesterday and got X working for my normal user (in soft mode), it
> doesn't need userland patches, but I couldn't find any easy to use docs on
> setting it up properly. The help on rsbac.org is more confusing then it
> needs to be. The patent issue doesn't have anything to do with security,
> and as long as its opensource it doesn't restrict educational value. RSBAC
> is easier to drop on an existing system, but its less secure then selinux,
> at least from what I gather so far.
personally i'd rather have it minus the patents, if rsbac works for a
replacement. but i'm not an advocate, so i'll leave it there.
as for patches, try coker (i think it's coker.com.au or something like that)
they keep the selinux tools more up to date than the nsa does.
search for selinux coker and you'll find it.
i haven't ever used them, but browsed a bit on selinux.
there's also some other fun places out there,
an FAQ, and various other stuff.
More information about the hlfs-dev