The NSA's Security-Enhanced Linux

[Ralf-Philipp Weinmann <weinmann () RBG INFORMATIK TU-DARMSTADT DE>]

citing http://www.nsa.gov/selinux/background.html:

"Researchers in the Information Assurance Research
 Office of the National Security Agency (NSA) worked
 with Secure Computing Corporation (SCC) to develop a
 strong, flexible mandatory access control architecture
 based on Type Enforcement, a mechanism first
 developed for the LOCK system. The NSA and SCC
 developed two Mach-based prototypes of the
 architecture: DTMach and DTOS. The NSA and SCC
 then worked with the University of Utah's Flux research
 group to transfer the architecture to the Fluke research
 operating system. During this transfer, the architecture
 was enhanced to provide better support for dynamic
 security policies. This enhanced architecture was named
 Flask. The NSA is now integrating the Flask architecture
 into the Linux operating system to transfer the
 technology to a larger developer and user community."

[...]

The result is available for download at the above URL
as well. Has anyone here toyed with it already ?

Cheers,
-Ralf

--
Ralf-P. Weinmann <rpw () uni de>
PGP fingerprint: 2048/46C772078ACB58DEF6EBF8030CBF1724