-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 03/01/2011 08:34 PM, solarflow99 wrote:
I was curious what opinion users here have for reference policy? Is
it
worth using it to build modules?
My personal policy for my f14 system is based off of refpolicy (so is
fedoras' selinux-policy though - it is refpolicy with a fedora-specific
patch)
However i decided to base my policy off of refpolicy as opposed to
fedoras' selinux-policy for some reasons:
1. Fedora has more modules compiled into the base package, this makes
fedora selinux-policy less modular.
2. Side effects of 1. is that some functionality does not work in
fedoras" selinux-policy ( atleast not since last time i have checked )
But unless you are doing advanced user space confinement, you might not
notice the latter issue.
refpolicy works pretty well for my fedora 14 system, sure i have to
modify it quite a bit, but nothing too difficult.
So.. sure it is worth to build modules but it will require a bit work to
make it work with fedora.
--
selinux mailing list
selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org/
iEYEARECAAYFAk1tVEQACgkQMlxVo39jgT/1wgCgtQfFjnlSINoNQVni6tAypdxK
togAoJLXLFu6vomZywR8Eec2MpSws72f
=Bx0Z
-----END PGP SIGNATURE-----