On Wed, Dec 06, 2017 at 11:24:45AM +0100, Laurent Bigonville wrote:
> The SELinux policy could be altered to either run everything that we know is
> not ready to be confined in an unconfined domain or put that domain in
> permissive (which would result in a lot of denials being logged), so it's
> possible to behave more or less the same way as AppArmor depending of how
> the policy is designed.
It "could" be altered the same way that anyone "could" modify a
sendmail.cf file. Someone "could" create a program which plays the
game of Go written raw assembly language.
If it "could" be done, why hasn't been done in the past decade?
- Ted
