[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: ACL



>Date: Mon, 28 Jul 2008 09:55:13 -0400
>From: "Mark Haney" <mhaney ercbroadband org>  
>
>Laszlo BERES wrote:
>> Chris St. Pierre wrote:
>> 
>>> No.  Root is supreme.  Root can do _everything_.
>> 
>> Except when you implement SELinux with strict or MLS policies. But I 
>> think that's not an option in that case.
>> 
>Are you saying you can deny root access to a file with SELinux? Is that 
>ever wise?

Yes, and only when you have "operators" and not sysadmins with root access. The answer to that, of course, is turning off selinux in /proc, then editing /etc/selinux/conf, and turning off selinux permamantly.

   mark *really* don't like selinux


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]