On Wed, Mar 29, 2006 at 12:56:46AM -0500, Daniel J Walsh wrote: > >>Should also be wrapped in SELinux to make sure some random app does not > >>ask for this. If I am a user and NetworkManager pops a window saying [...] > >What would happen in the absence of SELinux? > It will ask the user and the user will say yes. > In the SELinux case it will still ask the user, but only an approved app > will be able to open the whole in the firewall. Sounds good, although I wonder if it might be nicer to implement this in a way similar to that described here: <http://blog.fubar.dk/?p=66>. Also, who decides which apps are "random" and which are approved? -- Matthew Miller mattdm@xxxxxxxxxx <http://mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/>
