Prevent selinux deactivation
Dominick Grift
domg472 at gmail.com
Sat Sep 12 22:11:04 UTC 2009
On Sat, Sep 12, 2009 at 06:39:09PM -0300, Fernando Villarreal wrote:
> Hi all,
>
> I'm new with selinux and I'm looking for the way to protect some files
> and procceses from the root user.
>
> Of course I should prevent tha the root modify o deactivate selinux to
> access what i'm protecting.
>
> Is that possible?
Yes, root can be restricted, but implementing it requires some experience with SELinux. I would suggest that one first gets familair with the basics of SELinux and the properties of SELinux policy.
Here is a URL to a SELinux user guide: http://docs.fedoraproject.org/selinux-user-guide/f11/en-US/
Once you are confident with the basics of SELinux it will be easier to go on to the advanced configuration, and the community will be able to help you better with achieving your security goals.
>
> Thanks.
>
> Fernando.
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20090913/27312b5d/attachment.sig>
More information about the fedora-selinux-list
mailing list