Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
PostgreSQL 9.3 beta: Federated databases and more
LWN.net Weekly Edition for May 9, 2013
(Nearly) full tickless operation in 3.10
This may be a dumb question, but what's to stop the putative black hat from issuing
"setenforce 0" before merrily working his evil?
SELinux and Fedora
Posted Jul 11, 2008 7:48 UTC (Fri) by petebull (guest, #7857)
My guess: that command is not available for over the net access, it's only
executable at the console.
Posted Jul 11, 2008 18:51 UTC (Fri) by nix (subscriber, #2304)
Well, yeah, but part of the point of SELinux was, I thought, that root
could be confined. (Not that this is terribly useful, because there are
too many ways that root can mess up the machine. To hear PaXTeam et al
talk, everyone's running with a confined root so that DoS attacks and
holes only exploitable by root are significant. I find it rather unlikely
that *anyone* who cares about security is running under the assumption
that confined root really is secure, exactly because of the enormous
number of such 'attacks'. But I don't have any numbers and may be wrong.)
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds