The current fedora.us buildsystem and future directions
Bill Nottingham
notting at redhat.com
Sat Nov 29 02:25:51 UTC 2003
Enrico Scholz (enrico.scholz at informatik.tu-chemnitz.de) said:
> 1. SELinux can protect foreign processes. But is it possible to hide
> them in /proc also?
If you cannot access it, why does it matter if it is visible?
> 4. How can disk/memory usage restricted with SELinux? Would CKRM be an
> option?
SELinux doesn't deal with resource limitations; that would be
handled by CKRM or something similar.
> 5. Can special mount-operations (e.g. /proc filesystem) be allowed by
> the policy, or does this require userspace helper also?
Not sure what you're asking here. Mount can be allowed or disallowed
based on the policy.
Bill
More information about the fedora-devel-list
mailing list