SELinux vs TOMOYO Linux?

組込みSELinuxのディスカッションスレが、少し横道にそれた。

• Yuichi:

http://marc.info/?l=selinux&m=117495719908393&w=2
↑に、組込みSELinuxの将来像について提言しているが、ついでに煽り(w

However, what if devices are poor or there are small room for SELinux?
Example of such devices are electrical appliances conneceted to network.
In such environment, people want to make SELinux as small as possible.
They may remove modular support, libsepol and booleans, uses only monolitic poilcy.
I think even some hooks may be removed to improve performance.
Some of such people are now being attracted to other light-weight Secure OSes,
such as TOMOYO Linux(http://tomoyo.sourceforge.jp/en/1.3/) and AppArmor.
I want to make them to be interested in SELinux.

組み込みの人々が
TOMOYO Linuxに興味を持ちつつあるよーと煽り。
＃その中に私が含まれているかもしれないのは、秘密(?)

• Russell:

http://marc.info/?l=selinux&m=117508171932024&w=2

> More specialized systems that have tighter constraints aren't going to
> have these configuration options since they're much more static than a
> general purpose device like a PDA.
For such things TOMOYO might be a good option. SE Linux is designed for
general purpose computers. When you get down to an embedded device with 4M
of RAM and 8M of flash that only runs three or four programs then TOMOYO may
have an advantage.

小さなシステムにTOMOYO Linuxを推薦！

• Stephen:

http://marc.info/?l=selinux&m=117508389501827&w=2

SELinux (like Linux) should scale across the full range. If it doesn't
presently, we should work to make it so.
(And I doubt you'd recommend TOMOYO if you read the code)

TOMOYO Linuxに宣戦布告か！？
SELinux万能主義だなぁ。凄い自信だ。
それにしても、TOMOYO Linuxのコードのどこに問題を見出したというのだろう。
気になる。。