[DSE-Dev] SELinux release goals for Debian Jessie ?
a.kuckartz at ping.de
a.kuckartz at ping.de
Mon Sep 30 13:05:51 UTC 2013
I very likely will not be able to do anything before 0:00 tonight :-(
Would be good if someone (you?) could propose that. Now is the time to improve security.
Ideally it should be possible to run a standard Jessie Installation in enforcing mode. Is that a realistic release goal?
Cheers,
Andreas
Laurent Bigonville <bigon at debian.org> schrieb:
>Le 30 Sep 2013 10:50:20 +0200,
>"Andreas Kuckartz" <a.kuckartz at ping.de> a écrit :
>
>Hi,
>
>> Release goals for Debian Jessie are being discussed. Any suggestions
>> regarding SELinux?
>>
>> https://wiki.debian.org/ReleaseGoals
>
>Good question, I still want to make enter the policy that, if a package
>is creating a file/directory in initscript or in a maintainer script,
>it ensures (read call restorecon) that the context on disk is correct.
>
>I've opened a bug about this (#685992) a while back, but never
>committed to make this happen. I guess that when/if this is happening,
>there will be some package that will need fixes. This could be a good
>selinux release goal I guess, even if it might be difficult to mesure
>the progression.
>
>The deadline for the release goal is tonight 00:00, so I'm not too sure
>that there is still enough time left to prepare this.
>
>Cheers
>
>Laurent Bigonville
>
>_______________________________________________
>SELinux-devel mailing list
>SELinux-devel at lists.alioth.debian.org
>http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel
--
Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/selinux-devel/attachments/20130930/b8a6f976/attachment-0001.html>
More information about the SELinux-devel
mailing list