Sanity Check on Audit
m.roth at 5-cent.us
m.roth at 5-cent.us
Thu Feb 6 15:12:12 UTC 2014
postmaster at ronno.nl wrote:
> Paul,
>
> For "Anyone" it wouldn't be a problem, but a root user is allowed to do
> anything.
>
> So a root is always be able to stop a process on the system.
>
> Think of a solution to lock ssh access (sshd_config) for everyone, but
> you.
>
> And even this is no 100% solution.
>
And two cents from someone who's really isn't deeply into selinx: a root
user could always
$ echo 0 >/selinux/enforce
and then, with selinux in permissive mode, could do anything root could
normally do (i.e., anything).
mark
More information about the redhat-list
mailing list