|
|
Subscribe / Log in / New account

Removing run-time disabling for SELinux in Fedora

Removing run-time disabling for SELinux in Fedora

Posted Sep 24, 2020 9:22 UTC (Thu) by LtWorf (subscriber, #124958)
In reply to: Removing run-time disabling for SELinux in Fedora by ragnar
Parent article: Removing run-time disabling for SELinux in Fedora

You should run it in permissive mode and then add rules to all the audits that were generated and then disable permissive mode.

to post comments

Removing run-time disabling for SELinux in Fedora

Posted Sep 24, 2020 9:36 UTC (Thu) by ragnar (guest, #139237) [Link] (1 responses)

So if there are some hidden malware running on my machine I have now given it permission to do whatever nefarious things it wants to do anyway? How is that better than just disabling SELinux?

It is also still pretty user hostile for people not well versed in SELinux.

Removing run-time disabling for SELinux in Fedora

Posted Sep 24, 2020 11:16 UTC (Thu) by michich (guest, #17902) [Link]

You don't have to make the whole system permissive. You can set permissive domains - https://access.redhat.com/documentation/en-us/red_hat_ent...


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds