On Thu, 2007-09-20 at 13:19 +0000, Kevin Kofler wrote: > Richi Plana <myfedora <at> richip.dhs.org> writes: > > Why would anyone want an application to run, anyway, that has the > > potential of bringing down the system or accessing other users' files? > > Unfortunately, when you're the only user on the system, running your > applications as your regular user won't help much, they can still eat all your > files. You'd have to run applications like browsers as a different user to take > advantage of the user-based security model, and I don't see many people doing > that. Yeah. And a user-based, micro-level SELinux policy would probably be overkill. I suppose there's no point in restricting access of media players to only multimedia files or write access to files not marked for editing. There comes a point when the only solution is to fix the application. -- Richi Plana -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
