Selinux disallows read-only loop mount of a file, but only at boot [SOLVED]
Alan Cox
alan at lxorguk.ukuu.org.uk
Wed May 6 18:34:44 UTC 2009
> But it really isn't the magic bullet y'all like to spout it is e.g it
> doesn't do kernel exploits, buffer overflows or prevent the last
> redhat/fedora intrusion
It helps a lot in some of those cases. I run several web servers and
because the scripts are all labelled properly SELinux has repeatedly
saved the day from the usual hole infested cgi people insist on writing.
Alan
More information about the fedora-list
mailing list