securing directories and binaries

Florin Andrei florin at andrei.myip.org
Fri May 26 21:35:44 UTC 2006


On Fri, 2006-05-26 at 15:42 -0500, Arun Binaykia wrote:

> The DAC security model is not good enough. Because the user should be
> able to run trusted processes (OO) and lowly trusted process
> (gaim/yahoomessenger)(or a downloaded executable) at the same time. 

Sounds like SELinux is what you need. You probably have to build a
custom policy.

http://fedora.redhat.com/docs/selinux-faq/

http://fedoraproject.org/wiki/SELinux

-- 
Florin Andrei

http://florin.myip.org/





More information about the fedora-list mailing list