OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   RE: [xml-dev] Managing Innovation

[ Lists Home | Date Index | Thread Index ]

SELinux is neat, but it's not a requirement, and doesn't invalidate
the fact that the basic Unix security model is good.  If you consider
doing the equivalent of adding SELinux to NT-based Windows, then you
end up on a machine without a local Administrator. I bet that machine
wouldn't run. :)  So ref [0] is either a point for Unix, or a wash.

As for ref [1], same argument.  The basic model is solid.  It is quite
reasonable to allocate system resources and then renounce privileges;
I'll point to my own Usenet/NNTP (INN) system as one good example.

> [0] http://www.nsa.gov/selinux/faq.html#I2
> [1] http://books.rsbac.org/unstable/x115.html

Still waiting for the punchline...

Rich Salz                  Chief Security Architect
DataPower Technology       http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
XML Security Overview      http://www.datapower.com/xmldev/xmlsecurity.html


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS