Re: Mounting an encrypted volume presents the volume to all users on a machine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Oct 26, 2010 at 14:18:55 -0400,
  Przemek Klosowski <przemek.klosowski@xxxxxxxx> wrote:
> 
> Such user-differentiated authorization is provided by the filesystem 
> access rights, ACLs and SELinux attributes. Note that unlike the first 
> two mechanisms, SELinux can protect the data even for systems with 
> compromised root---as someone said, SELinux can be configured so that
> you can tell people "here's the root password; now break into my computer".

That's overstating things a bit. A root compromise is usually going to allow
working around selinux limitations.
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux