More background...

Posted May 26, 2009 22:30 UTC (Tue) by jamesmrh (guest, #31622)
Parent article: Walsh: Introducing the SELinux Sandbox

Something to note is that this was conceived partly in response to lkml discussions about expanding seccomp -- "what can we do with SELinux and sandboxing?" a couple of weeks back.

A first cut of the solution, with GUI support and Unixy semantics, is already now integrated into Fedora, via a simple policy addition to the security policy (no code changes to the kernel or userspace were required).