SELinux last straw
Arthur Pemberton
pemboa at gmail.com
Wed Oct 17 20:23:20 UTC 2007
On 10/17/07, Andy Green <andy at warmcat.com> wrote:
> Somebody in the thread at some point said:
>
> >>> Regardless, you should have a way to check and fix it, unless what you
> >>> are running is unimportant and you can abandon it.
> >> Maybe a mode that blocks the process until you yea or nay it could be
> >> interesting.
> >
> >
> > So basically Windows vista for Linux? Cancel or Allow?
>
> LOL doesn't sound so good like that.
>
> Maybe instead there's a way to make a local rule to allow a particular
> process, Les' critical process, and its children to basically run in
> permissive, while everything else stays enforced.
Well, in targetted mode SELinux only checks... targetted applications.
So it won't play with your critical process unless there's been a rule
made for it, I do believe that specific rules can be disabled however.
--
Fedora 7 : sipping some of that moonshine
( www.pembo13.com )
More information about the fedora-list
mailing list