On Sat, 2015-08-08 at 08:26 +0800, Ed Greshko wrote: > Not being a student of selinux I wonder if it would have protected users and > the system against the recently discovered firefox exploit. > > https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild > / > Normally firefox would run in your users context (unconfined_t), so no, this would not have prevented it. Unless you run a confined user, or firefox in a sandbox, these may have limited the scope of the damage. -- William Brown <william@xxxxxxxxxxxxxxxx> -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
