Re: SELinux and the bash exploit.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 09/26/2014 09:03 AM, James Hogarth wrote:


On 25 September 2014 22:40, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote:
https://danwalsh.livejournal.com/71122.html


Good article Dan ... it says clearly what I've been trying to drum into people's heads about the role it takes and how it confines the activity but an exploit that stays within the confines of that activity ... well it has to be allowed or else the standard activity would fail ;)
 


Yes. I also got a lot of questions how SELinux helps us with this exploit. I believe SELinux helps as much as possible here how Dan wrote in his blog.

Of course, there are also booleans to make a system with SELinux more restrictive. Also confined users. 
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux