Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory Access Control Kernel

--- "Eric W. Biederman" <ebiederm@xmission.com> wrote:

quoted text

> My very practical question: How do I run selinux in one container, > and SMACK in another?

How would you run PREEMPT_RT in one container, and PREEMPT_DESKTOP in another? How would you run SMP in one and UP in the other? One aspect that SELinux and Smack share is that they only really provide security if all processes involved are under their control, just like the preemption behavior. This is not necessarily true of all possible LSMs. In that case it may be practicle to have different behavior for different containers. Casey Schaufler casey@schaufler-ca.com -

unsubscribe notice

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/


linux-kernel:
Fernando Luis	[PATCH] affinity is not defined in non-smp kernels - x86_64
monstr	[PATCH 52/60] microblaze_v4: fcntl.h sockios.h ucontext.h
Roland Dreier	Re: Integration of SCST in the mainstream Linux kernel
Greg KH	[PATCH] Input: add appleir USB driver
git:
Shawn O. Pearce	Re: .gitlink for Summer of Code
Linus Torvalds	Re: What's in git.git (stable), and Announcing GIT 1.4.4.3
Josh Boyer	git-unpack-objects
Jakub Narebski	Re: Git User's Survey 2007 unfinished summary continued
openbsd-misc:
Richard Stallman	Real men don't attack straw men
Henning Brauer	Re: About Xen: maybe a reiterative question but ..
sonjaya	openvpn on openbsd 4.1
Stefan Beke	mail dovecot: pipe() failed: Too many open files
linux-netdev:
Indan Zupancic	Re: Realtek 8111C transmit timed out
Julius Volz	[PATCHv3 21/24] IPVS: Add function to determine if IPv6 address is local
KOSAKI Motohiro	[bug?] tg3: Failed to load firmware "tigon/tg3_tso.bin"
Ilpo Järvinen	Re: [bug] stuck localhost TCP connections, v2.6.26-rc3+


make bzImage	6 hours ago	Linux kernel
make bzImage	7 hours ago	Linux kernel
collectl: the one performance monitoring tool for all your needs	8 hours ago	Linux general
Replacing Windows XP bootloader with GRUB bootloader	12 hours ago	Linux general
Anybody know where I can find an embedded sw engineer with good experience in digital video products???	14 hours ago	Windows
Problem in Inserting a module	17 hours ago	Linux kernel
stop process from getting scheduled out	1 day ago	Linux kernel
register_security LSM	1 day ago	Linux kernel
Process activity notification	1 day ago	Linux kernel
How to make my PCIE ATA storage device running in Linux	1 day ago	Linux general

Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory Access Control Kernel

Online users