Lower Process Capabilities

Serge E. Hallyn serue at us.ibm.com
Wed Jul 29 01:13:47 UTC 2009


Quoting Bill McGonigle (bill at bfccomputing.com):
> On 07/28/2009 04:11 PM, Chris Adams wrote:
> Still, is such a change less severe than changing what root means?  Is
> Fedora that committed to SELinux?  What's it going to take to make most
> people who shut off SELinux stop doing that?

Moving to heavier exploitation of capabilities doesn't mean
stop using SELinux.  Any more than finding and fixing buffer
overflows should only be done if we want to turn off selinux.

-serge




More information about the fedora-devel-list mailing list