End of bind-chroot-admin script
Paul Wouters
paul at xelerance.com
Sat Nov 8 20:47:31 UTC 2008
On Sat, 8 Nov 2008, Colin Walters wrote:
> On Fri, Nov 7, 2008 at 6:52 PM, Paul Wouters <paul at xelerance.com> wrote:
>>
>> I'd rather see something replace it.
>
> SELinux obsoletes this use of chroot for security. Every daemon
> doesn't need to grow its own private copy of the OS infrastructure.
You're absolutely right. And in fact, it makes a lot of things for
me a lot easier. I'll look into getting unbound proper SElinux
policies, though if anyone has pointers for me, those would be
appreciated.
Paul
More information about the fedora-devel-list
mailing list