Hi,
I plan to start implementing selinux and for this I need to write custom policies for the specific set of software that we run. After developing 1-2 policies and have read the mailing list I started to wonder what is best to go on long run with refpolicy or with selinux packages that come with rhel 6??
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20140211/2a41f477/attachment.html
On 02/11/14 18:18, John Joe wrote:
> I plan to start implementing selinux and for this I need to write custom policies for the specific set of software that we run. After developing 1-2 policies and have read the mailing list I started to wonder what is best to go on long run with refpolicy or with selinux packages that come with rhel 6?
If you simply want to add your custom policies on top of a base policy that makes the core system work, then either would work. Both have long term support for RHEL6. If you want to customize the base policy, it may be a little more difficult of a question. What goals do you have for your policy?
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com