Posted Mar 22, 2012 16:45 UTC (Thu) by dpquigl (subscriber, #52852)
Parent article: Shadow hardening
To clarify something. I don't see anything in the description here that makes hardened-shadow incompatible with SELinux. What I think the author is trying to say here is that he hasn't done the policy leg work to get it working with SELinux. He is welcome to come to the SELinux mailing list or the refpolicy mailing list and talk about creating a policy for hardened-shadow with us. Also without some policy changes I can see tcp potentially running into the same problem.