Not logged in
Log in now
Create an account
Subscribe to LWN
Pencil, Pencil, and Pencil
Dividing the Linux desktop
LWN.net Weekly Edition for June 13, 2013
A report from pgCon 2013
Little things that matter in language design
You have basically described a selinux system with a gpg-aware package manager.
Posted Mar 2, 2007 15:34 UTC (Fri) by aashenfe (guest, #12212)
I think "way much more" might be the problem.
When I'm looking around for different howto's for certain setups, a number of time it says they disabled SELinux to get the system to work correctly. I try to leave SELinux enabled if I can, but sometimes I still give up and disable it. I'm sure there is a way to configure SELinux correctly, and maybe I'm irresponsible for not figuring it out.
I like the Idea of signed executables because it targets one security question. "Do I let this executable run?" SElinux or AppArmor can then answer the harder to setup question "What do I let this executable do? "
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds