On Fri, 2004-04-02 at 07:40 -0500, murphy pope wrote: > >Many users in /etc/passwd can be mapped to a single SELinux user for > access control purposes (e.g. system_u). > > Sounds like /etc/group to me. Ok, let's say you have users john, jane, doe, and poe then you have groups like: staff:x:n:john,jane,doe and file xpto: -rw-rw-r-- 1 john staff 3399 Mar 9 00:40 xpto How do you forbid doe from writing on xpto? That's an example of what SELinux brings you, in terms of permissions. You can explictly say xpto can't be written by doe. Rui -- + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Gandhi + So let's do it...? Please AVOID sending me WORD, EXCEL or POWERPOINT attachments. See http://www.fsf.org/philosophy/no-word-attachments.html
Attachment:
signature.asc
Description: This is a digitally signed message part
