On Mon, 2006-10-09 at 21:57 -0400, Gene Czarcinski wrote:
On Monday 09 October 2006 21:22, Joshua Brindle wrote:
Gene Czarcinski wrote:
On Monday 09 October 2006 10:05, Christopher J. PeBenito wrote:
I assume that strict mode should be capable of running X ... true or false?
Strictly speaking (no pun intended) yes, since it does have the xserver module. In reality, it probably still has issues since very few desktop users want a strict policy, so it is untested.
While a server may not have a good display directly attached, it would be useful to run X remotely since some of the system configuration tools are gui only ... for example, selinux.
running X apps that are exported to a remote machine isn't the same thing as running an Xserver on the local machine.
Yes, but I was told not to install X (it was not supported). If it is "only" the running of Xserver that is not supported with strict or mls policies, then I can live with that. However, running Xserver will need to be supported to be competitive with TSOL.
I believe that you are confusing "supported" w.r.t. Red Hat and "supported" w.r.t. SELinux itself. I believe Red Hat only supports the strict policy on RHEL and only with a support contract. I'm guessing it will probably be same for the MLS/LSPP policy.
As for SELinux in general, X servers can work on the strict policy, it just hasn't had much testing with the 2.* (reference policy-based) policies.