My opinion

I was there, but regrettably I've been unable to join the discussion as the issues changed so frequently. So, let me explain my opinion.

IMO users don't care how security is attained just like they can drive a car without knowing the mechanism. So security model is not an issue here.In Japanese companies, they purchase anti virus products without exception. Why? Because they understand they need those programs.

SELinux, Smack and TOMOYO are all tools or armors. If we (NSA, Mr. Security, NTT DATA) tries to force people to use them, it may not work. If users do understand they need MACs, then they will decide to use and pay for the cost. So, to me, "how to keep MACs turned on" equals "how to tell users know they need MACs".

I think there are two ways. 1) Educate users 2) Making users to realize the needs. The latter cannot be an answer. Problem with the former approach is we cannot force and schedule. That's the dilemma I have with my project TOMOYO Linux. Any suggestions/comments?