[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: The current fedora.us buildsystem and future directions



Enrico Scholz (enrico scholz informatik tu-chemnitz de) said: 
> 1. SELinux can protect foreign processes. But is it possible to hide
>    them in /proc also?

If you cannot access it, why does it matter if it is visible?

> 4. How can disk/memory usage restricted with SELinux? Would CKRM be an
>    option?

SELinux doesn't deal with resource limitations; that would be
handled by CKRM or something similar.

> 5. Can special mount-operations (e.g. /proc filesystem) be allowed by
>    the policy, or does this require userspace helper also?

Not sure what you're asking here. Mount can be allowed or disallowed
based on the policy.

Bill




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]