[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: udev slowness and selinux



On Mon, 2005-12-05 at 09:55 -0500, Daniel J Walsh wrote:
> No because this would break your security.  It might be arguable if it 
> should bring it to single user mode though.

Disagree.  You already have the options of booting with init=/bin/bash
or booting with enforcing=0 single _if_ the machine is configured to
allow setting of boot parameters (which might require a password).
Automatically switching to single-user mode would mean that someone
could always reach single-user mode by inducing a failure that corrupts
the policy (hopefully not possible in the first place, but...).

I do agree that the message should be more informative though, and that
it should be flushed to the console...

-- 
Stephen Smalley
National Security Agency


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]