Re: Desktop apps interoperability

[Casey Schaufler <casey@xxxxxxxxxxxxxxxx>]

--- Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
> On Thu, 2005-03-31 at 08:05 -0800, Casey Schaufler
> wrote:
> > Look here, sonny, I've been doing MLS systems
> > since 1986 and the One Truth You Must Learn
> > is that applications can not be changed. No.
> > Don't even consider thinking in this direction.
> > This is wrong. Sometimes all that's available
> > is the binary. Sometimes they like the way it
> > works.
> 
> Ah, yes.  That's certainly the example we should be
> following...the
> example set by past trusted/MLS OSes.

Oooooh! Sarcasm!

Existing MLS systems allow unprivileged
applications to run unmodified. In at least
one case that included an unmodified X server.
You have to do at least as well as the unix MLS
systems to be credible. You think that's a
low bar, so you shouldn't have any trouble,
right?

> No thanks,
> we're trying to solve
> real problems here...

Ah, and the horse you rode in on.


Casey Schaufler
casey@xxxxxxxxxxxxxxxx


		
__________________________________ 
Do you Yahoo!? 
Yahoo! Small Business - Try our new resources site!
http://smallbusiness.yahoo.com/resources/ 

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.