How best (BUT WHY) get rid of SELinux?
Les Mikesell
lesmikesell at gmail.com
Tue Sep 25 22:28:37 UTC 2007
Jonathan Underwood wrote:
> On 25/09/2007, Les Mikesell <lesmikesell at gmail.com> wrote:
>> 2) How many more years and millions will it take to adapt the
>> decades-worth of tradtional unix tools and applications that Linux users
>> take for granted to a wildly different security model?
>>
>
> This work has been done. What Unix tools are you using which aren't
> working with SElinux?
I have an assortment of suid perl scripts that run under apache's cgi
interface. I didn't expect them to work. Will they? What about
MimeDefang, running as a sendmail milter and connecting via local
sockets to an assortment of mail scanning processes that may each be
running under their own uid. I've seen issues posted about the sockets
amd SELinux. Have they been solved?
--
Les Mikesell
lesmikesell at gmail.com
More information about the fedora-list
mailing list