Alex Ackerman wrote:
>-----Original Message-----Yes strict policy will work on Fedora Core. And we are working to make transitioning from one policy to the other easier. system-config-securitylevel allows you to transition from one to the other by building a relabel into the startup scripts.
>From: fedora-selinux-list-bounces@xxxxxxxxxx on behalf of Daniel J Walsh
>Sent: Mon 9/20/2004 5:35 PM
>To: For users of Fedora Core releases; Fedora SELinux support list for users & developers.; Development discussions related to Fedora Core
>Subject: What is SELinux targeted policy?
>Strict policy is still available but will be not be installable
>directly, you can use selinux-config-securitylevel to turn it on
>and relabel the file system.
Does this mean the strict policy will not work on a Fedora Core system at all or that it will take some customization prior to working effectively? Also, are there plans to support te domains for either Sendmail or Postfix via the SELinux policy in the near future? What about PostgreSQL/MySQL?
We would like to add ftp and a mail agent to targeted policy eventually. We would like to get vsftpd to work like
login in that after the users logs in a new process gets execed under the users context or Anonymous FTP context.
The problem with mail agents is that alot of them want to touch the users home directories, and as soon as they do
we get into labeling problems around the users home directory which we are trying to avoid in targeted policy.
Dan
Thanks! Alex Ackerman http://www.darkhonor.com
------------------------------------------------------------------------
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
