SELINUX file contexts FUBARed in fresh install?
Andy Burns
fedora at adslpipe.co.uk
Sun Jan 22 18:19:00 UTC 2006
Rahul Sundaram wrote:
> You are shooting the messenger there. You knew what security is.
I didn't mean it to be taken *too* negatively, of course I expect some
pain, as I mentioned we have servers with FC3 so our learning started
then ...
> Eventually it will be transparent enough and provide additional
> security by default which is what we are shooting for.
I think transparency is a large part of issue, as an old "chmod 740"
unix head, I'm quite happy with progress with owner/permissions tools
like get/setfacl, pam/ldap and winbind, but so much of SELINUX seems to
happen invisibly to users and to the kernel itself, it would be nice if
there was a separate ESELINUX that could be reported.
More information about the fedora-test-list
mailing list