ACL
m.roth2006 at rcn.com
m.roth2006 at rcn.com
Mon Jul 28 18:09:54 UTC 2008
>Date: Mon, 28 Jul 2008 09:55:13 -0400
>From: "Mark Haney" <mhaney at ercbroadband.org>
>
>Laszlo BERES wrote:
>> Chris St. Pierre wrote:
>>
>>> No. Root is supreme. Root can do _everything_.
>>
>> Except when you implement SELinux with strict or MLS policies. But I
>> think that's not an option in that case.
>>
>Are you saying you can deny root access to a file with SELinux? Is that
>ever wise?
Yes, and only when you have "operators" and not sysadmins with root access. The answer to that, of course, is turning off selinux in /proc, then editing /etc/selinux/conf, and turning off selinux permamantly.
mark *really* don't like selinux
More information about the redhat-list
mailing list