securing directories and binaries
Florin Andrei
florin at andrei.myip.org
Fri May 26 21:35:44 UTC 2006
On Fri, 2006-05-26 at 15:42 -0500, Arun Binaykia wrote:
> The DAC security model is not good enough. Because the user should be
> able to run trusted processes (OO) and lowly trusted process
> (gaim/yahoomessenger)(or a downloaded executable) at the same time.
Sounds like SELinux is what you need. You probably have to build a
custom policy.
http://fedora.redhat.com/docs/selinux-faq/
http://fedoraproject.org/wiki/SELinux
--
Florin Andrei
http://florin.myip.org/
More information about the fedora-list
mailing list