On Sat, Nov 08, 2008 at 02:36:38PM -0500, Colin Walters wrote: > On Fri, Nov 7, 2008 at 6:52 PM, Paul Wouters <paul@xxxxxxxxxxxxx> wrote: > > > > I'd rather see something replace it. > > SELinux obsoletes this use of chroot for security. Every daemon > doesn't need to grow its own private copy of the OS infrastructure. > Chroot is good and traditional method how restrict daemons. Many users still use it and it is far more easy create chroot configuration than create/maintain SELinux policy. I don't think SELinux obsoletes chroot, both try restrict daemon privileges and both have + and -. Adam -- Adam Tkac, Red Hat, Inc. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
