On Wed, 2004-04-21 at 15:48, Colin Walters wrote: > Ok. Well do you (or anyone else, Dan?) have any suggestions for the > short term? For FC2 we could just tell users to always use 'su'. The > unfortunate thing here is that Fedora users who are reading upstream > docs will get exactly the opposite information :/ In the short term, if you want to have it fall back to the Linux uid for authentication purposes if the SELinux user identity is SELINUX_DEFAULTUSER (defined in include/selinux/get_context_list.h), then that is fine. Just don't use the Linux uid as the user identity for the new context. -- Stephen Smalley <sds@xxxxxxxxxxxxxx> National Security Agency