Per request on bug 6693 here is a list of the apps that would need to have patches applied Fileutils findutils logrotate openssh procps psmisc sh-utils stat tar util-linux vcron I don't think it should be hard to patch these, the thing i'm unsure about is version differences say gentoo uses a higher version of some package then the patch is written for, and the patch will not cleanly apply to the new version. How could you make someone who wants to compile everything with the selinux patches use the lower version that has the patch and not the higher version? Also, SELinux isn't a drop in, "automatically make me secure" thing, it requires policies, domains, and contexts be created. There would certainly need to be a fairly detailed doc written for most gentoo users, and I would love to do it, but don't know if i have the time. Perhaps if i had help... I'll just have to see
done