Les Mikesell wrote:
Arthur Pemberton wrote:
Now, you're insinuating that his expectations of SELinux caused him to
practice poor traditional security and so he got hacked. Which
completely ignores the fact that he did not have SELinux when he got
hacked.
Are you saying it makes a difference if you've ssh'd in as root?
Sure it can. It all depends on policy. SSH is by default in Fedora
assigned a different policy which can be tuned to restrict access further.
Russell cooker has been for years running a SELinux system with open
root access via ssh just to demonstrate this.
http://www.coker.com.au/selinux/play.html
Rahul
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list