How best get rid of SELinux?
Mike McCarty
Mike.McCarty at sbcglobal.net
Fri Sep 21 19:15:00 UTC 2007
Alan M. Evans wrote:
> On Fri, 2007-09-21 at 01:48 -0500, Mike McCarty wrote:
>
>
>>The firewall intends to prevent compromise.
>>SELinux intends to mitigate damage on a compromised machine.
>
>
> I think a better description would be that SELinux intends to keep a
> compromised application from becoming a compromised system.
One of the technical terms for that is Fault Isolation. I've designed
some Fault Isolation systems, myself.
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!
More information about the fedora-list
mailing list