On Wed, Aug 14, 2002 at 11:50:14AM +0100, Sam Vilain wrote: > You might want to investiage `security contexts', a new kernel feature > that can be used for virtual IP roots as well as making processes in > one context (even root) not able to see other contexts' processes. > The userland utilities also offer a way to remove Linux's capabilities > (eg, to disallow raw sockets or bypassing filesystem permissions). > > http://www.solucorp.qc.ca/miscprj/s_context.hc
Does this avoid selinux's patent encumbrance issues? -- Mike Stone
