Posted Nov 25, 2004 23:55 UTC (Thu) by job
Parent article: Civilizing SELinux
Every article that describes SELinux tends to describe its functionality
like a standard MAC ACL like RSBAC, grsecurity or LIDS. Actually it is
very different with several new concepts like roles, domains and types.
What I would like is an explanation of what SELinux really does, what
that system has that is superiour to the simpler systems. Is it worth the
extra complexity? It would also be interesting to highlight other
differences, such as that SELinux refers to files by their inode and the
simpler systems by name. How do the respective developers view the
pro/cons of each?
to post comments)