Date: Fri, 18 Aug 2006 01:02:14 +0200
From: Pavel Machek <pavel@ucw.cz>
To: Kylene Jo Hall <kjhall@us.ibm.com>
Cc: linux-kernel <linux-kernel@vger.kernel.org>,
       LSM ML <linux-security-module@vger.kernel.org>,
       Dave Safford <safford@us.ibm.com>, Mimi Zohar <zohar@us.ibm.com>,
       Serge Hallyn <sergeh@us.ibm.com>
Subject: Re: [RFC][PATCH 8/8] SLIM: documentation
Message-ID: <20060817230213.GA18786@elf.ucw.cz>
References: <1155844419.6788.62.camel@localhost.localdomain>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1155844419.6788.62.camel@localhost.localdomain>
User-Agent: Mutt/1.5.11+cvs20060126
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 948
Lines: 26

Hi!

> Documentation.

No, I still do not understand how this is supposed to work.

> +In normal operation, the system seems to stabilize with a roughly
> +equal mixture of SYSTEM, USER, and UNTRUSTED processes. Most

So you split processes to three classes (why three?), and
automagically move them between classes based on some rules? (What
rules?)

Like if I'm UNTRUSTED process, I may not read ~/.ssh/private_key? So
files get this kind of labels, too? And it is "mozilla starts as a
USER, but when it accesses first web page it becomes UNTRUSTED"?

								Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/