Networking and the firewall (Was Re: Isn't it time for the encrypted file system???)
Daniel J Walsh
dwalsh at redhat.com
Wed Mar 29 05:56:46 UTC 2006
Matthew Miller wrote:
> On Tue, Mar 28, 2006 at 11:02:05AM -0500, Daniel J Walsh wrote:
>
>> Should also be wrapped in SELinux to make sure some random app does not
>> ask for this. If I am a user and NetworkManager pops a window saying
>> somethine like
>> "In order to run correctly I need your computer to turn purple, and run
>> the Hypervizor at Warp 3" I am going to answer the question, "Yes"
>> So only apps with a security policy should even be able to do this.
>>
>
> What would happen in the absence of SELinux?
>
It will ask the user and the user will say yes.
In the SELinux case it will still ask the user, but only an approved app
will be able to open the whole in the firewall.
More information about the Fedora-maintainers
mailing list