On Fri, 6 Apr 2001, Stefan Hoffmeister wrote:
is there any in depth discussion about compartments / mandatory access control out there that discusses risks and benefits? [cut] I am under the impression that I would have to use finer grained MAC (ACL patches / LIDS) to restrict the feature set a service may use? Hum, it's somewhat off-topic but if you're interested in some more technical stuff about access control models and such just read the thread at http://marc.theaimsgroup.com/?t=98618806300004&w=2&r=1 - it's a discussion between Amon Ott (developer of RSBAC) and Stephen Smalley of NAI/TISLabs (one of the guys behind SELinux).
best regards, Rainer Link -- Rainer Link | SuSE - The Linux Experts link@suse.de | Developer of A Mail Virus Scanner (amavis.org) www.suse.de | Founder OpenAntiVirus Project (www.openantivirus.org)