On Thu, 2004-07-08 at 08:14, Pekka Pietikainen wrote: > Having a (strict) SELinux policy for it might be a good thing btw. :-) Actually, that's something that security-minded people have long been dreaming of: capture all traffic on the network interface(s), perhaps even in promisc mode, but somehow at the same time not running the sniffer itself as root, but as a user with much lower privileges. I guess a clever SELinux policy would achieve the same thing. Now that SELinux is in Fedora, i guess we could as well put it to good work. ;-) Running Ethereal, tcpdump and Snort in a SELinux "cage" would be wonderful. I'm looking forward to it. -- Florin Andrei http://florin.myip.org/
