top | item 26797223

(no title)

I was familiar with that documentation around 10 years ago, please stop making these assumptions and please stop dismissing what I have to say. The documentation is irrelevant, I'm talking about the server source code. There is one real plugin implementation there that uses SELinux. That's it. There is currently no other real way to use XACE, it's otherwise totally useless to end users.

Yes people could develop new plugins that integrate with some other security mechanism, but they haven't, in part because the hooks are so out of date, and in part because, you know, that requires building another security mechanism. The access hooks are not a security mechanism, they allow you to integrate with some external MAC.

discuss

No comments yet.