Greg Williamson wrote:
> As far as I can see, SUSE, Ubuntu and Debian provide SELinux
> option. But they are more conservative than RedHat/Fedora,
> because it is not enabled in the default installation.
>
> I don't think it is unpreferable decision. Users can choose the
> option by themself according to requirements in the system.
>
> ===
>
> How much of the work currently at hand might be applicable to
> other security models ? Would this be useful groundwork for
> anyone who wanted to implement other frameworks in terms of
> hooks, cleanup of existing code, etc. ?
Yes, it would offer clear groundwork for that, and could be easily
extended. We didn't implement such a system at this stage because it
would have added additional code, but once there is demand the system
could be easily extended.
-- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB
http://enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +