Networking and the firewall (Was Re: Isn't it time for the encrypted file system???)
Matthew Miller
mattdm at mattdm.org
Wed Mar 29 22:58:25 UTC 2006
On Wed, Mar 29, 2006 at 12:56:46AM -0500, Daniel J Walsh wrote:
> >>Should also be wrapped in SELinux to make sure some random app does not
> >>ask for this. If I am a user and NetworkManager pops a window saying
[...]
> >What would happen in the absence of SELinux?
> It will ask the user and the user will say yes.
> In the SELinux case it will still ask the user, but only an approved app
> will be able to open the whole in the firewall.
Sounds good, although I wonder if it might be nicer to implement this in a
way similar to that described here: <http://blog.fubar.dk/?p=66>.
Also, who decides which apps are "random" and which are approved?
--
Matthew Miller mattdm at mattdm.org <http://mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
More information about the Fedora-maintainers
mailing list