selinux breaks revisor

Jeff Spaleta jspaleta at gmail.com
Tue Jan 22 18:10:22 UTC 2008


On Jan 22, 2008 9:04 AM, Simo Sorce <ssorce at redhat.com> wrote:
> It seem to me that SELinux can provide for the same (or better)
> "features" of chroot without actually requiring a chrooted environment.
> So shouldn't we simply provide targeted policies and not use chroot for
> known services ?

If that works...then great. But I think you might want to look around
first and take stock of the packages which are doing the chroots and
start with something..sane.

-jef




More information about the fedora-devel-list mailing list