postmaster@xxxxxxxx wrote:
> Paul,
>
> For "Anyone" it wouldn't be a problem, but a root user is allowed to do
> anything.
>
> So a root is always be able to stop a process on the system.
>
> Think of a solution to lock ssh access (sshd_config) for everyone, but
> you.
>
> And even this is no 100% solution.
>
And two cents from someone who's really isn't deeply into selinx: a root
user could always
$ echo 0 >/selinux/enforce
and then, with selinux in permissive mode, could do anything root could
normally do (i.e., anything).
mark
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
