On Thu, Apr 3, 2008 at 11:33 AM, Matej Cepl <mcepl@xxxxxxxxxx> wrote: > On Tue, 01 Apr 2008 03:33:06 +0200, Mark scripst: > > > doesn't seem to add that much advantage. But i might be wrong..?? > > Yes, you are ;-). Even totally screwed up Apache server totally in hands > of script-kiddie via totally screwed up PHP release (not that it would > ever happen, just a theoretical example) cannot do more than it is > allowed to do by SELinux -- and that's not that much. I think I remember a recent case for SELinux lowering the impact of a _real_ security issue in one package. I wanted to blog about it but could not find it anymore :( -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
