SELinux vs. (capabilities + file permissions)?
Posted Apr 8, 2004 20:41 UTC (Thu) by jmshh
In reply to: SELinux vs. (capabilities + file permissions)?
Parent article: Capabilities in 2.6
SELinux is much more than capabilities:
- More fine grained configurable
- Can prevent users to share access given to them
- Is role based, not just user or process
- Is more complex to administer
So you can do more with SELinux, but the price is a lot more work.
to post comments)