Posted May 5, 2006 1:10 UTC (Fri) by sshimko
In reply to: SELinux shortcomings
Parent article: The AppArmor debate begins
SELinux supports context based mounts so while it is not currently possible to label NFS files (although this has been explored) it is possible to label the entire mounted file system.
So what you're saying is that you'd rather have security policy enforced across arbitrary mount points? So if I mount a NFS share on /mnt, /media, and /home the security policy is completely different for each? This doesn't sit well with me...
to post comments)