On 09/26/2014 09:03 AM, James Hogarth wrote:
On 25 September 2014 22:40, Daniel J Walsh <dwa...@redhat.com
<mailto:dwa...@redhat.com>> wrote:
https://danwalsh.livejournal.com/71122.html
Good article Dan ... it says clearly what I've been trying to drum
into people's heads about the role it takes and how it confines the
activity but an exploit that stays within the confines of that
activity ... well it has to be allowed or else the standard activity
would fail ;)
Yes. I also got a lot of questions how SELinux helps us with this
exploit. I believe SELinux helps as much as possible here how Dan wrote
in his blog.
Of course, there are also booleans to make a system with SELinux more
restrictive. Also confined users.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
