[KLUG Members] Mandatory Access Control
Adam Williams
members@kalamazoolinux.org
Tue, 10 Feb 2004 11:51:01 -0500
> Is anyone in this list using Mandatory Access Control (MAC)?
I setup some MAC related stuff on my DC; gosh.... so long ago now I'd
have to go look at it - it has just been burbling away.
> What warrants the
> use of it?
Bequething specific root-like powers to non-root contexts.
> The gentleman from The Linux Box gave a great preso on it to KLUG
> awhile back. I'm just curious as to whether it might be something to consider
> for some projects I have coming up that require opening certain systems to the
> outside world.
I haven't really looked around in 2.6 yet; but I hope this is one of the
areas in which things are much improved. The Linux Box guy spoke on
LIDS which is an end-to-end sign-n-seal kind of deal that uses MAC,
I've just used the MAC privilage stuff.